On 16 Oct 2016 2:26 am, "Amol" <mandm_z...@yahoo.com> wrote:
>
> Hi Igor,
> Thanks so much for the reply, here is the error/warning i get when i add
your config line
>
> sudo /etc/init.d/haproxy restart
>  * Restarting haproxy haproxy     [WARNING] 288/112410 (18154) : parsing
[/etc/haproxy/haproxy.cfg:84] : anonymous acl will never match because it
uses keyword 'req.hdr' which is incompatible with 'frontend http-response
header rule'
> [WARNING] 288/112410 (18157) : parsing [/etc/haproxy/haproxy.cfg:84] :
anonymous acl will never match because it uses keyword 'req.hdr' which is
incompatible with 'frontend http-response header rule'
>

[ OK ]
> am i also missing something else? like an acl rule for req.hdr?
>
> ________________________________
> From: Igor Cicimov <ig...@encompasscorporation.com>
> To: Amol <mandm_z...@yahoo.com>
> Cc: HAproxy Mailing Lists <haproxy@formilux.org>
> Sent: Friday, October 14, 2016 6:27 PM
> Subject: Re: rspadd X-Frame-Options:\ ALLOW-FROM
>
> Amol,
>
> On Sat, Oct 15, 2016 at 7:21 AM, Amol <mandm_z...@yahoo.com> wrote:
>>
>> Hi,
>> I am trying to configure my LB such that it can allow one of my websites
to render the pages behind this LB.
>> i am using Ubuntu 12.04 LTS
>> and
>> haproxy -v
>> HA-Proxy version 1.5.14 2015/07/02
>>
>> ----config file entry --------
>> rspadd X-Frame-Options:\ ALLOW-FROM if https://load.example.com
>
>
> You are missing a condition here, try:
>
> rspadd X-Frame-Options:\ ALLOW-FROM if { req.hdr(Host) -i load.example.com
}
>
Right, try this one:

capture request header host len 128
http-response add-header X-Frame-Options:\ ALLOW-FROM %[capture.req.hdr(0)]
if { capture.req.hdr(0) -m found } { capture.req.hdr(0) -i load.example.com
}

>>
>>
>>
>> but i get this error
>>
>> [ALERT] 287/161307 (22941) : parsing [/etc/haproxy/haproxy.cfg:83] :
error detected while parsing a 'rspadd' condition : no such ACL : '
https://load.example.com/'.
>> [ALERT] 287/161307 (22941) : Error(s) found in configuration file :
/etc/haproxy/haproxy.cfg
>> [ALERT] 287/161307 (22941) : Fatal errors found in configuration.
>>
>>
>>
>> my prior setting was
>> ----config file entry --------
>> rspadd X-Frame-Options:\ SAMEORIGIN
>>
>> and that blocked any site from rendering the pages behind this LB. But
now i want it to allow this one link to open the pages.
>>
>> Please let me know if anyone has tackled this before.
>>
>
>
>
> --
> Igor Cicimov | DevOps
>
>
> p. +61 (0) 433 078 728
> e. ig...@encompasscorporation.com
> w. www.encompasscorporation.com
>
> a.
> Level 4, 65 York Street, Sydney 2000
>
>

Reply via email to