Need help with http-proxy-middleware?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

8.5K Stars 676 Forks MIT License 334 Commits 69 Opened issues


:zap: The one-liner node.js http-proxy middleware for connect, express and browser-sync

Services available


Need anything else?

Contributors list


GitHub Workflow Status (branch) Coveralls dependency Status dependency Status npm

Node.js proxying made simple. Configure proxy middleware with ease for connect, express, browser-sync and many more.

Powered by the popular Nodejitsu

. GitHub stars

⚠️ Note

This page is showing documentation for version v1.x.x (release notes)

If you're looking for v0.x documentation. Go to:



requests to
// javascript

const express = require('express'); const { createProxyMiddleware } = require('http-proxy-middleware');

const app = express();

app.use('/api', createProxyMiddleware({ target: '', changeOrigin: true })); app.listen(3000);

// http://localhost:3000/api/foo/bar ->

// typescript

import * as express from 'express'; import { createProxyMiddleware, Filter, Options, RequestHandler } from 'http-proxy-middleware';

const app = express();

app.use('/api', createProxyMiddleware({ target: '', changeOrigin: true })); app.listen(3000);

// http://localhost:3000/api/foo/bar ->


options can be used, along with some extra

:bulb: Tip: Set the option

for name-based virtual hosted sites.

Table of Contents


$ npm install --save-dev http-proxy-middleware

Core concept

Proxy middleware configuration.

createProxyMiddleware([context,] config)

const { createProxyMiddleware } = require('http-proxy-middleware');

const apiProxy = createProxyMiddleware('/api', { target: '' }); // _/ __________________________/ // | | // context options

// 'apiProxy' is now ready to be used as middleware in a server.

  • context: Determine which requests should be proxied to the target host. (more on context matching)
  • target host to proxy to. (protocol + host)

(full list of

configuration options)

createProxyMiddleware(uri [, config])

// shorthand syntax for the example above:
const apiProxy = createProxyMiddleware('');

More about the shorthand configuration.


An example with

// include dependencies
const express = require('express');
const { createProxyMiddleware } = require('http-proxy-middleware');

// proxy middleware options const options = { target: '', // target host changeOrigin: true, // needed for virtual hosted sites ws: true, // proxy websockets pathRewrite: { '^/api/old-path': '/api/new-path', // rewrite path '^/api/remove/path': '/path', // remove base path }, router: { // when == 'dev.localhost:3000', // override target '' to 'http://localhost:8000' 'dev.localhost:3000': 'http://localhost:8000', }, };

// create the proxy (without context) const exampleProxy = createProxyMiddleware(options);

// mount exampleProxy in web server const app = express(); app.use('/api', exampleProxy); app.listen(3000);

Context matching

Providing an alternative way to decide which requests should be proxied; In case you are not able to use the server's

parameter to mount the proxy or when you need more flexibility.

RFC 3986

is used for context matching.

         \_/   \______________/\_________/ \_________/ \__/
          |           |            |            |        |
       scheme     authority       path        query   fragment
  • path matching

    • createProxyMiddleware({...})
      - matches any path, all requests will be proxied.
    • createProxyMiddleware('/', {...})
      - matches any path, all requests will be proxied.
    • createProxyMiddleware('/api', {...})
      - matches paths starting with
  • multiple path matching

    • createProxyMiddleware(['/api', '/ajax', '/someotherpath'], {...})
  • wildcard path matching

For fine-grained control you can use wildcard matching. Glob pattern matching is done by micromatch. Visit micromatch or glob for more globbing examples.

  • createProxyMiddleware('**', {...})
    matches any path, all requests will be proxied.
  • createProxyMiddleware('**/*.html', {...})
    matches any path which ends with
  • createProxyMiddleware('/*.html', {...})
    matches paths directly under path-absolute
  • createProxyMiddleware('/api/**/*.html', {...})
    matches requests ending with
    in the path of
  • createProxyMiddleware(['/api/**', '/ajax/**'], {...})
    combine multiple patterns
  • createProxyMiddleware(['/api/**', '!**/bad.json'], {...})

Note: In multiple path matching, you cannot use string paths and wildcard paths together.

  • custom matching

For full control you can provide a custom function to determine which requests should be proxied or not.

   * @return {Boolean}
  const filter = function (pathname, req) {
    return pathname.match('^/api') && req.method === 'GET';

const apiProxy = createProxyMiddleware(filter, { target: '', });


http-proxy-middleware options

  • option.pathRewrite: object/function, rewrite target's url path. Object-keys will be used as RegExp to match paths.
  // rewrite path
  pathRewrite: {'^/old/api' : '/new/api'}

// remove path pathRewrite: {'^/remove/api' : ''}

// add base path pathRewrite: {'^/' : '/basepath/'}

// custom rewriting pathRewrite: function (path, req) { return path.replace('/api', '/base/api') }

// custom rewriting, returning Promise pathRewrite: async function (path, req) { const should_add_something = await httpRequestToDecideSomething(path); if (should_add_something) path += "something"; return path; }

  • option.router: object/function, re-target
    for specific requests.
  // Use `host` and/or `path` to match requests. First match will be used.
  // The order of the configuration matters.
  router: {
      'integration.localhost:3000' : 'http://localhost:8001',  // host only
      'staging.localhost:3000'     : 'http://localhost:8002',  // host only
      'localhost:3000/api'         : 'http://localhost:8003',  // host + path
      '/rest'                      : 'http://localhost:8004'   // path only

// Custom router function (string target) router: function(req) { return 'http://localhost:8004'; }

// Custom router function (target object) router: function(req) { return { protocol: 'https:', // The : is required host: 'localhost', port: 8004 }; }

// Asynchronous router function which returns promise router: async function(req) { const url = await doSomeIO(); return url; }

  • option.logLevel: string, ['debug', 'info', 'warn', 'error', 'silent']. Default:

  • option.logProvider: function, modify or replace log provider. Default:

  // simple replace
  function logProvider(provider) {
    // replace the default console log provider.
    return require('winston');
  // verbose replacement
  function logProvider(provider) {
    const logger = new (require('winston').Logger)();

const myCustomProvider = {
  log: logger.log,
  debug: logger.debug,
  warn: logger.warn,
  error: logger.error,
return myCustomProvider;


http-proxy events

Subscribe to http-proxy events:

  • option.onError: function, subscribe to http-proxy's
    event for custom error handling.
  function onError(err, req, res, target) {
    res.writeHead(500, {
      'Content-Type': 'text/plain',
    res.end('Something went wrong. And we are reporting a custom error message.');
  • option.onProxyRes: function, subscribe to http-proxy's
  function onProxyRes(proxyRes, req, res) {
    proxyRes.headers['x-added'] = 'foobar'; // add new header to response
    delete proxyRes.headers['x-removed']; // remove header from response
  • option.onProxyReq: function, subscribe to http-proxy's
  function onProxyReq(proxyReq, req, res) {
    // add custom header to request
    proxyReq.setHeader('x-added', 'foobar');
    // or log the req
  • option.onProxyReqWs: function, subscribe to http-proxy's
  function onProxyReqWs(proxyReq, req, socket, options, head) {
    // add custom header
    proxyReq.setHeader('X-Special-Proxy-Header', 'foobar');
  • option.onOpen: function, subscribe to http-proxy's
  function onOpen(proxySocket) {
    // listen for messages coming FROM the target here
    proxySocket.on('data', hybiParseAndLogMessage);
  • option.onClose: function, subscribe to http-proxy's
  function onClose(res, socket, head) {
    // view disconnected websocket connections
    console.log('Client disconnected');

http-proxy options

The following options are provided by the underlying http-proxy library.

  • url string to be parsed with the url module
  • option.forward: url string to be parsed with the url module
  • option.agent: object to be passed to http(s).request (see Node's https agent and http agent objects)
  • option.ssl: object to be passed to https.createServer()
  • true/false: if you want to proxy websockets
  • option.xfwd: true/false, adds x-forward headers
  • true/false, if you want to verify the SSL Certs
  • option.toProxy: true/false, passes the absolute URL as the
    (useful for proxying to proxies)
  • option.prependPath: true/false, Default: true - specify whether you want to prepend the target's path to the proxy path
  • option.ignorePath: true/false, Default: false - specify whether you want to ignore the proxy path of the incoming request (note: you will have to append / manually if required).
  • option.localAddress : Local interface string to bind for outgoing connections
  • option.changeOrigin: true/false, Default: false - changes the origin of the host header to the target URL
  • option.preserveHeaderKeyCase: true/false, Default: false - specify whether you want to keep letter case of response header key
  • option.auth : Basic authentication i.e. 'user:password' to compute an Authorization header.
  • option.hostRewrite: rewrites the location hostname on (301/302/307/308) redirects.
  • option.autoRewrite: rewrites the location host/port on (301/302/307/308) redirects based on requested host/port. Default: false.
  • option.protocolRewrite: rewrites the location protocol on (301/302/307/308) redirects to 'http' or 'https'. Default: null.
  • option.cookieDomainRewrite: rewrites domain of
    headers. Possible values:
    • false
      (default): disable cookie rewriting
    • String: new domain, for example
      cookieDomainRewrite: "new.domain"
      . To remove the domain, use
      cookieDomainRewrite: ""
    • Object: mapping of domains to new domains, use
      to match all domains.
      For example keep one domain unchanged, rewrite one domain and remove other domains:
      cookieDomainRewrite: {
      "unchanged.domain": "unchanged.domain",
      "old.domain": "new.domain",
      "*": ""
  • option.cookiePathRewrite: rewrites path of
    headers. Possible values:
    • false
      (default): disable cookie rewriting
    • String: new path, for example
      cookiePathRewrite: "/newPath/"
      . To remove the path, use
      cookiePathRewrite: ""
      . To set path to root use
      cookiePathRewrite: "/"
    • Object: mapping of paths to new paths, use
      to match all paths. For example, to keep one path unchanged, rewrite one path and remove other paths:
      cookiePathRewrite: {
      "/unchanged.path/": "/unchanged.path/",
      "/old.path/": "/new.path/",
      "*": ""
  • option.headers: object, adds request headers. (Example:
  • option.proxyTimeout: timeout (in millis) when proxy receives no response from target
  • option.timeout: timeout (in millis) for incoming requests
  • option.followRedirects: true/false, Default: false - specify whether you want to follow redirects
  • option.selfHandleResponse true/false, if set to true, none of the webOutgoing passes are called and it's your responsibility to appropriately return the response by listening and acting on the
  • option.buffer: stream of data to send as the request body. Maybe you have some middleware that consumes the request stream before proxying it on e.g. If you read the body of a request into a field called 'req.rawbody' you could restream this field in the buffer option:
  'use strict';

const streamify = require('stream-array'); const HttpProxy = require('http-proxy'); const proxy = new HttpProxy();

module.exports = (req, res, next) => { proxy.web( req, res, { target: 'http://localhost:4003/', buffer: streamify(req.rawBody), }, next ); };


Use the shorthand syntax when verbose configuration is not needed. The

will be automatically configured when shorthand is used. Options can still be used if needed.
// createProxyMiddleware('/api', {target: ''});

createProxyMiddleware('*/**.json'); // createProxyMiddleware('/api/books/*/**.json', {target: ''});

createProxyMiddleware('', { changeOrigin: true }); // createProxyMiddleware('/api', {target: '', changeOrigin: true});

app.use(path, proxy)

If you want to use the server's

parameter to match requests; Create and mount the proxy without the http-proxy-middleware
app.use('/api', createProxyMiddleware({ target: '', changeOrigin: true }));

  • express:
  • connect:
  • polka:


// verbose api
createProxyMiddleware('/', { target: '', ws: true });

// shorthand createProxyMiddleware('', { ws: true });

// shorter shorthand createProxyMiddleware('ws://');

External WebSocket upgrade

In the previous WebSocket examples, http-proxy-middleware relies on a initial http request in order to listen to the http

event. If you need to proxy WebSockets without the initial http request, you can subscribe to the server's http
event manually.
const wsProxy = createProxyMiddleware('ws://', { changeOrigin: true });

const app = express(); app.use(wsProxy);

const server = app.listen(3000); server.on('upgrade', wsProxy.upgrade); //

Intercept and manipulate requests

Intercept requests from downstream by defining


Currently the only pre-provided request interceptor is

, which is used to fix proxied POST requests when
is applied before this middleware.


const { createProxyMiddleware, fixRequestBody } = require('http-proxy-middleware');

const proxy = createProxyMiddleware({ /**

  • Fix bodyParser
  • */ onProxyReq: fixRequestBody, });

Intercept and manipulate responses

Intercept responses from upstream with

. (Make sure to set
selfHandleResponse: true

Responses which are compressed with

will be decompressed automatically. The response will be returned as
(docs) which you can manipulate.


, response manipulation is not limited to text responses (html/css/js, etc...); image manipulation will be possible too. (example)


disables streaming of target's response.


const { createProxyMiddleware, responseInterceptor } = require('http-proxy-middleware');

const proxy = createProxyMiddleware({ /**

  • IMPORTANT: avoid res.end being called automatically

  • */ selfHandleResponse: true, // res.end() will be called internally by responseInterceptor()


  • Intercept response and replace 'Hello' with 'Goodbye'

  • */ onProxyRes: responseInterceptor(async (responseBuffer, proxyRes, req, res) => { const response = responseBuffer.toString('utf8'); // convert buffer to string return response.replace('Hello', 'Goodbye'); // manipulate response and return the result }), });

Check out interception recipes for more examples.

Working examples

View and play around with working examples.


View the recipes for common use cases.

Compatible servers

is compatible with the following servers:

Sample implementations can be found in the server recipes.


Run the test suite:

# install dependencies
$ yarn


$ yarn lint $ yarn lint:fix

building (compile typescript to js)

$ yarn build

unit tests

$ yarn test

code coverage

$ yarn cover



The MIT License (MIT)

Copyright (c) 2015-2021 Steven Chim

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.