On 16 Oct 2016 2:26 am, "Amol" <[email protected]> wrote: > > Hi Igor, > Thanks so much for the reply, here is the error/warning i get when i add your config line > > sudo /etc/init.d/haproxy restart > * Restarting haproxy haproxy [WARNING] 288/112410 (18154) : parsing [/etc/haproxy/haproxy.cfg:84] : anonymous acl will never match because it uses keyword 'req.hdr' which is incompatible with 'frontend http-response header rule' > [WARNING] 288/112410 (18157) : parsing [/etc/haproxy/haproxy.cfg:84] : anonymous acl will never match because it uses keyword 'req.hdr' which is incompatible with 'frontend http-response header rule' >
[ OK ] > am i also missing something else? like an acl rule for req.hdr? > > ________________________________ > From: Igor Cicimov <[email protected]> > To: Amol <[email protected]> > Cc: HAproxy Mailing Lists <[email protected]> > Sent: Friday, October 14, 2016 6:27 PM > Subject: Re: rspadd X-Frame-Options:\ ALLOW-FROM > > Amol, > > On Sat, Oct 15, 2016 at 7:21 AM, Amol <[email protected]> wrote: >> >> Hi, >> I am trying to configure my LB such that it can allow one of my websites to render the pages behind this LB. >> i am using Ubuntu 12.04 LTS >> and >> haproxy -v >> HA-Proxy version 1.5.14 2015/07/02 >> >> ----config file entry -------- >> rspadd X-Frame-Options:\ ALLOW-FROM if https://load.example.com > > > You are missing a condition here, try: > > rspadd X-Frame-Options:\ ALLOW-FROM if { req.hdr(Host) -i load.example.com } > Right, try this one: capture request header host len 128 http-response add-header X-Frame-Options:\ ALLOW-FROM %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found } { capture.req.hdr(0) -i load.example.com } >> >> >> >> but i get this error >> >> [ALERT] 287/161307 (22941) : parsing [/etc/haproxy/haproxy.cfg:83] : error detected while parsing a 'rspadd' condition : no such ACL : ' https://load.example.com/'. >> [ALERT] 287/161307 (22941) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg >> [ALERT] 287/161307 (22941) : Fatal errors found in configuration. >> >> >> >> my prior setting was >> ----config file entry -------- >> rspadd X-Frame-Options:\ SAMEORIGIN >> >> and that blocked any site from rendering the pages behind this LB. But now i want it to allow this one link to open the pages. >> >> Please let me know if anyone has tackled this before. >> > > > > -- > Igor Cicimov | DevOps > > > p. +61 (0) 433 078 728 > e. [email protected] > w. www.encompasscorporation.com > > a. > Level 4, 65 York Street, Sydney 2000 > >
