On Sat, Nov 07, 2020 at 08:29:12AM +0000, Lari Huttunen wrote: > Cheers! <clip> > In practice, what I'm struggling with is the: > > * ability to control the requests or responses by HTTP method, i.e. > only allowing GET by default and access controlling POST and PUT
It turned out that filtering the requests per method was possible at least as follows: match request method "GET" tag "REQ_OK" block request pass tagged "REQ_OK" $ curl -i -X GET https://www.huttu.net HTTP/1.1 200 OK $ curl -i -X POST https://www.huttu.net HTTP/1.0 403 Forbidden Date: Sat, 07 Nov 2020 14:53:20 GMT Server: OpenBSD relayd Connection: close Content-Type: text/html Content-Length: 427 The only downside is that for unknown request types I still get a 500 from relayd. For example: $ curl -i -X WHATNOT https://www.huttu.net HTTP/1.0 500 Internal Server Error Date: Sat, 07 Nov 2020 14:55:32 GMT Server: OpenBSD relayd Connection: close Content-Type: text/html Content-Length: 442 Is that the intended behavior? > * ability to control the behavior of relayd based on the response > code from the backend IPFS web server, e.g. upon a 404, redirecting to > generic 404 page on the httpd. So what remains missing is the ability to control the responses back to the client in a controlled manner. Does anyone have a recipe for this, please? Best regards, Lari Huttunen -- "See the unseen."