On Wed, Sep 26, 2012 at 12:22:47AM -0700, Scott Francis wrote: > >> what about arbitrary cookie names? > > > > There is no such thing right now, though it should not be terribly > > difficult to implement since we already have the fetch functions for > > cookies. > > if I "capture request header Cookie" and multiple cookies are passed, > will I get only the first instance of the last unique cookie value (as > with "capture request header X-Forwarded-For") or will I get all > cookies?
In practice, browsers send all cookies in a single cookie header, so you'll get them all (with the 64 chars limit). > > So in practice, if your visitors pass through a chain of squids which > > each set an XFF header, you'll get the whole chain. The only issue you'll > > get is if some of the last proxies add a line of their own (as haproxy > > does), in which case you'll only get this line. But quite frankly, this > > is not common at all. And if you pass through some proxies in your > > infrastructures, most often they fold them again. > > what I'm seeing right now is that Apache (final destination for the > requests I'm trying to log) outputs in its access_log a chain of XFFs > with 3-4 IPs per HTTP request, but haproxy emits only the last IP in > the XFF chain to syslog when using "capture request header > X-Forwarded-For len 63" (again, with haproxy-1.4.16) Have you had a look at the request haproxy is receiving ? It would be nice to know whether it already receives multiple headers (eg: due to other components in the chain before it) or all of them at once. > thanks Willy - I was told that you monitored the list closely and were > quick on the replies; nice to see that reputation was well-deserved. Well, it's not that true because in general I don't read the ML often enough. However there are some much more active and skilled people there so users are well served anyway :-) Willy
