Hi,
We ran into some trouble where users would explicitly enter www in front of
a subdomain, having them thinking they're unable to connect. So we came up
with a solution of registering those dns names as well, e.g.
app.mydomain.com as well as www.app.mydomain.com and handle things from
there. Because we use HAProxy behind an Amazon elastic load balancer which
takes care of some things for us, the idea was to forward incoming requests
for both dns entries to HAProxy, filter out the www. requests and do a
permanent redirect to the non www. entry. This way they should arrive at
the Amazon load balancer just like they never entered the www. and traffic
should be handled as such.
I tried both using the prefix and location options for the redirect, but
keep running into the problem that the host header seems to remain
unchanged. This is causing my acl condition to remain true at all times,
which in turn causes a redirect loop.
These are both acls which I came up with, where $frontend is typically
something like myapp.mydomain.com:
http-request redirect code 301 prefix {{$frontend}} if { hdr(host) -i
www.{{$frontend}} }
http-request redirect code 307 location {{$frontend}}%[capture.req.uri] if
{ hdr(host) -i www.{{$frontend}} }
Both lead to a never ending concatenation of the $frontend variable being
added after the original host it seems:
www.myapp.mydomain.com/uri/myapp.mydomain.com/uri/......index.html
I think this is caused by the host header remaining the same (I checked
this using a Chrome plugin).
However, when I specifically enter a protocol in front of the redirect
location like this for example, it works fine:
http-request redirect code 301 prefix http://{{$frontend}} if { hdr(host)
-i www.{{$frontend}} }
Since we have a mix of configurations where both secure and non-secure
traffic is possible, I don't really want to complicate things further and
go down that route.
Two concrete questions:
1. Do you have any idea why this happens, and doesn't happen when
specifying a protocol?
2. Is there any solution to this? As far as I know, rewriting the host
header in a redirect isn't something that is supported by HAProxy (and not
really that nice..) right?
Best Regards,
Maurice van Ree
