nginx.git/src/http/modules/ngx_http_upstream_sticky_module.c, branch release-1.30.0 nginx Sticky: fixed expiration of learned sessions after reload. 2026-03-09T17:08:30+00:00 Aleksei Bavshin a.bavshin@nginx.com 2026-02-17T20:02:59+00:00 52cda2849cbc17fe82bc006d1571e657a42dba24 Previously, the expiration timer for learned session was not started until a new session is created. This could lead to the sessions being active past the expiration time. 
Previously, the expiration timer for learned session was not started
until a new session is created.  This could lead to the sessions being
active past the expiration time.
Sticky: samesite=<strict|lax|none> cookie flags. 2026-03-09T17:08:30+00:00 Vladimir Kokshenev v.kokshenev@f5.com 2020-11-01T23:03:08+00:00 0380586e69fc7b0b8aa7cea2329fef54f8ae69cb Adds new options for the "sticky cookie" directive to set samesite=<strict|lax|none> cookie flags. 
Adds new options for the "sticky cookie" directive to set
samesite=<strict|lax|none> cookie flags.
Sticky: added the "header" parameter in the learn mode. 2026-03-09T17:08:30+00:00 Vladimir Homutov vl@nginx.com 2017-06-08T12:39:06+00:00 8021cb02de840d6168a98e4eefb9bdfbe51ba96e With this parameter set, sessions are learned after receiving upstream headers. 
With this parameter set, sessions are learned after receiving upstream headers.
Sticky: added the "max-age" attribute to cookie. 2026-03-09T17:08:30+00:00 Vladimir Homutov vl@nginx.com 2017-04-07T13:28:15+00:00 7acbe17776a4133a08c7b5f502dc4a8fc40b2aef RFC 6265 defines "Max-Age" cookie attribute in section 5.2.2. If the "expires" option is passed to the "sticky" directive, "max-age" attribute will appear in cookies set by the module with corresponding value in seconds. For the special "max" value of the "expires" option, corresponding "max-age" attribute value will be set to 315360000 seconds (10 years, similar to how its done in headers_filter module for the "Cache-Control" header). 
RFC 6265 defines "Max-Age" cookie attribute in section 5.2.2.

If the "expires" option is passed to the "sticky" directive, "max-age"
attribute will appear in cookies set by the module with corresponding
value in seconds.

For the special "max" value of the "expires" option, corresponding "max-age"
attribute value will be set to 315360000 seconds (10 years, similar to
how its done in headers_filter module for the "Cache-Control" header).
Sticky: added variables support to cookie domain. 2026-03-09T17:08:30+00:00 Vladimir Homutov vl@nginx.com 2016-09-28T07:55:58+00:00 c988a6e2c13fc37cfc09d11a492540cd4e44163a 






Sticky: added "httponly" and "secure" attributes.
2026-03-09T17:08:30+00:00

Vladimir Homutov
vl@nginx.com

2015-03-17T15:46:15+00:00

6c13f0468be05a4d9f2f36e1a28ebbe14ac10281

The attributes are described in RFC6265, sections 4.1.2.5 and 4.1.2.6
respectively.





The attributes are described in RFC6265, sections 4.1.2.5 and 4.1.2.6
respectively.







Sticky: added the "learn" mode.
2026-03-09T17:08:30+00:00

Vladimir Homutov
vl@nginx.com

2014-05-05T07:53:10+00:00

af7137c88a87d4592d8d5879adf50b151d61e5b6

In this mode, nginx "learns" which client uses which proxied server by
analyzing headers of client requests and proxied server responses.

For example, a proxied server may start sessions by issuing the "Set-Cookie"
header field to set cookie 'sid' and returning clients will bring the cookie
with the same name.

The following configuration may be used to handle this case:

upstream u1 {
    server 127.0.0.1:8080;
    server 127.0.0.1:8081;

    sticky learn timeout=10m zone=sess:1m
           create=$upstream_cookie_sid
           lookup=$cookie_sid;
}

Co-authored-by: Ruslan Ermilov <ru@nginx.com>
Co-authored-by: Maxim Dounin <mdounin@mdounin.ru>





In this mode, nginx "learns" which client uses which proxied server by
analyzing headers of client requests and proxied server responses.

For example, a proxied server may start sessions by issuing the "Set-Cookie"
header field to set cookie 'sid' and returning clients will bring the cookie
with the same name.

The following configuration may be used to handle this case:

upstream u1 {
    server 127.0.0.1:8080;
    server 127.0.0.1:8081;

    sticky learn timeout=10m zone=sess:1m
           create=$upstream_cookie_sid
           lookup=$cookie_sid;
}

Co-authored-by: Ruslan Ermilov <ru@nginx.com>
Co-authored-by: Maxim Dounin <mdounin@mdounin.ru>







Upstream: added sticky sessions support for upstreams.
2026-03-09T17:08:30+00:00

Vladimir Homutov
vl@nginx.com

2013-04-02T21:44:36+00:00

104734f21888cfec6994e092073f51a0d4b0fb47

Sticky sessions allow to route the same client to the same upstream server.

- upstream structures are extended to keep session-related information

- existing balancing modules are updated to provide an id of the selected
  server (SID) in pc->sid, and to select the server, given it's SID.

- other balancing modules are allowed to set the pc->hint value to choose
  the desired peer.  The sticky module will not change the hint if it's
  already set.

- the feature is enabled by default and can be disabled with the
  "--without-http_upstream_sticky" switch of the configure script.

The following configuration can be used to enable sticky sessions for
supported balancing modules:

    upstream u1 {
        server 127.0.0.1:8080;
        server 127.0.0.1:8081;

        sticky cookie server_id expires=1h domain=.example.com path=/;
    }

Co-authored-by: Ruslan Ermilov <ru@nginx.com>
Co-authored-by: Roman Arutyunyan <arut@nginx.com>
Co-authored-by: Maxim Dounin <mdounin@mdounin.ru>





Sticky sessions allow to route the same client to the same upstream server.

- upstream structures are extended to keep session-related information

- existing balancing modules are updated to provide an id of the selected
  server (SID) in pc->sid, and to select the server, given it's SID.

- other balancing modules are allowed to set the pc->hint value to choose
  the desired peer.  The sticky module will not change the hint if it's
  already set.

- the feature is enabled by default and can be disabled with the
  "--without-http_upstream_sticky" switch of the configure script.

The following configuration can be used to enable sticky sessions for
supported balancing modules:

    upstream u1 {
        server 127.0.0.1:8080;
        server 127.0.0.1:8081;

        sticky cookie server_id expires=1h domain=.example.com path=/;
    }

Co-authored-by: Ruslan Ermilov <ru@nginx.com>
Co-authored-by: Roman Arutyunyan <arut@nginx.com>
Co-authored-by: Maxim Dounin <mdounin@mdounin.ru>