Document updated on Jan 19, 2022

Customizing router behavior

The optional router configuration allows you to set global flags that change the way KrakenD processes the requests at the router layer.

Generally speaking you don’t need this. But in every case there is an exception and you might eventually need to change some value.

To change the router behavior, add the namespace router under the global extra_config. The following example shows how to return the error to the client:

See below the list of supported flags.

Supported router flags

The following sections describe the flags and options available to configure the router. Include only those that you need to override.

Customizing the health endpoint

You can set the following router options to customize how the health endpoint behaves:

• disable_health (boolean): When true you don’t have any exposed health endpoint. You can still use a TCP checker or build an endpoint yourself.
• health_path (string): The path where you’d like to expose the health endpoint. The default value is /__health.

Returning the gateway error message

The secure choice of KrakenD is that all errors generated at the gateway are not returned to the client in the body. By settting return_error_msg (boolean) to true, when there is an error in the gateway (such as a timeout, a non-200 status code, etc.) it returns to the client the reason for the failure. The error is written in the body as is.

{
  "version": 3,
  "extra_config": {
      "router":{
          "return_error_msg":true
      }
}

URLs, methods, and automatic redirections

There are two types of automatic redirections that happen at the router level. They can be disabled as follows:

• disable_redirect_trailing_slash (boolean): Disables automatic redirection if the current route can’t be matched but a handler for the path with (without) the trailing slash exists. For example if /foo/ is requested but a route only exists for /foo, the client is redirected to /foo with http status code 301 for GET requests and 307 for all other request methods.
• disable_redirect_fixed_path (boolean): If enabled, the router tries to fix the current request path, if no handle is registered for it. First superfluous path elements like ../ or // are removed. Afterwards the router does a case-insensitive lookup of the cleaned path. If a handle can be found for this route, the router makes a redirection to the corrected path with status code 301 for GET requests and 307 for all other request methods. For example /FOO and /..//Foo could be redirected to /foo. The flag disable_redirect_trailing_slash is independent of this option.
• disable_path_decoding (boolean): Disables automatic validation of the url params looking for url encoded ones. The default behavior (false) is to avoid double URL encoding of parameters that could lead to backend exploration. The server rejects with a 400 when the user is trying to make an injection with double (or more) URL-encoded parameters.
• remove_extra_slash (boolean): A parameter can be parsed from the URL even with extra slashes.
• disable_handle_method_not_allowed (boolean): Whether to checks if another method is allowed for the current route, if the current request can not be routed. If this is the case, the request is answered with Method Not Allowed and HTTP status code 405. If no other Method is allowed, the request is a 404.
• auto_options (boolean): Auto Options enables the autogenerated OPTIONS endpoint for all the registered paths

Obtaining the real IP

The following three flags determine how to get the client IP address:

• forwarded_by_client_ip (boolean): When set to true, client IP will be parsed from the request’s headers. If no IP can be fetched, it falls back to the IP obtained from the request’s remote address.
• remote_ip_headers (list): List of headers used to obtain the client IP when forwarded_by_client_ip is set to true and the remote address is matched by at least one of the network origins of trusted_proxies.
• trusted_proxies (list): List of network origins (IPv4 addresses, IPv4 CIDRs, IPv6 addresses or IPv6 CIDRs) from which to trust request’s headers that contain alternative client IP when forwarded_by_client_ip is true.

  {
    "version": 3,
    "extra_config": {
        "router":{
            "forwarded_by_client_ip": true,
            "remote_ip_headers": [
              "X-Custom-Ip"
            ],
            "trusted_proxies": [
              "172.20.0.1/16"
            ]
        }
  }

App Engine integration

The app_engine boolean trusts headers starting with X-AppEngine... for better integration with that PaaS.

{
  "version": 3,
  "extra_config": {
      "router":{
          "app_engine": true
      }
}

Memory available for Multipart forms

The max_multipart_memory integer sets the ‘maxMemory’ param that is given to http.Request’s Multipart Form method call.

Remove requests from logs

There are two options to remove content from logs:

• logger_skip_paths list defines the set of paths that are removed from the logging.
• disable_access_log boolean stops registering access requests to KrakenD and leaving any logs out from the output.

{
  "version": 3,
  "extra_config": {
      "router":{
          "logger_skip_paths":[
            "/__health"
          ],
          "disable_access_log": true
      }
}