Hi,
Why not using something like,
reqidel ^X-Forwarded-Proto:.*
reqadd X-Forwarded-Proto:\ https if { ssl_fc }
reqadd X-Forwarded-Proto:\ http if ! { ssl_fc }
cheers
thomas
On 03.04.2013 12:26, Baptiste wrote:
> Ah sorry, I misread!
>
> http-request set-header X-Frontend-SSL %[ssl_fc] https
>
> %[ssl_fc] will be 0 in case of HTTP and 1 in case of SSL.
>
> You can't setup an ACL after the set-header directive.
>
> Baptiste
>
>
> On Wed, Apr 3, 2013 at 12:09 PM, Sander Klein <[email protected]
> <mailto:[email protected]>> wrote:
>
> Hmmm, nope, it still doesn't work
>
> I did:
>
>
> http-request set-header X-Forwarded-Proto https if { ssl_fc }
> http-request set-header X-Forwarded-Ssl on if { ssl_fc }
> http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
> http-request set-header X-Forwarded-Ssl off if !{ ssl_fc }
>
> But this still gives me:
>
> Reloading haproxy: haproxy[ALERT] 092/120655 (9669) : parsing
> [/etc/haproxy/haproxy.cfg:221]: 'http-request set-header' expects
> exactly 2 arguments.
> [ALERT] 092/120655 (9669) : Error(s) found in configuration file :
> /etc/haproxy/haproxy.cfg
> failed!
>
> Greets,
>
> Sander
>
>
> On 03.04.2013 11:38, Baptiste wrote:
>
> Hi,
>
> You want to use anonymous ACLs which requires brackets '{' and
> '}', like:
>
> http-request set-header X-Forwarded-Proto https if { ssl_fc }
>
> Baptiste
>
> On Wed, Apr 3, 2013 at 11:15 AM, Sander Klein
> <[email protected] <mailto:[email protected]>> wrote:
>
> Hi,
>
> I try to do the following in my haproxy (dev18) config:
>
> http-request set-header X-Forwarded-Proto https if ssl_fc
> http-request set-header X-Forwarded-Ssl on if ssl_fc
>
> http-request set-header X-Forwarded-Proto http if ! ssl_fc
> http-request set-header X-Forwarded-Ssl off if ! ssl_fc
>
> But, when I reload I get:
>
> Reloading haproxy: haproxy[ALERT] 092/110441 (22291) :
> parsing [/etc/haproxy/haproxy.cfg:221]: 'http-request
> set-header' expects exactly 2 arguments.
> [ALERT] 092/110441 (22291) : Error(s) found in
> configuration file : /etc/haproxy/haproxy.cfg
> failed!
>
> I'm a bit at a loss here, since I saw an example somewhere
> on the Exceliance site and if I read the haproxy
> configuration manual it states:
>
> http-request { allow | deny | tarpit | auth [realm
> <realm>] | redirect <rule> |
> add-header <name> <fmt> | set-header <name>
> <fmt> }
> [ { if | unless } <condition> ]
>
> I might be interpreting this wrong, but the way I read it
> using the if statement with set-header is legal to use in
> the config. Am I wrong?
>
> Greets,
>
> Sander
>
>
