Hello :)
My name is Michael Hamburger and I work for a game development startup.
Currently I am using Docker Flow: Proxy
(https://github.com/vfarcic/docker-flow-proxy) which is based on
HAProxy. I think that's enough of introduction, I don't want to spam and
to be honest I have never used a mailing list before.
I have some backends which are secured with basic http auth. When the
entered user/pw is wrong, errorpage 401 is shown. Currently this page is
static inside proto_http.c
(https://github.com/haproxy/haproxy/blob/master/src/proto_http.c#L117).
The same with errorpage 407. I would like to change this and give users
the possibility to design their own 401 and 407 page. To be honest, I
already did. I read your contributing-guide and there is stated that PRs
aren't welcome (and that changes should be discussed in the mailing list
but I wanted to know how this can be done before I start to write a
mail...). I never made a git patch so I hope it's okay if I just mention
my changes per mail and if you think it's good enough merge them to
HAProxy. If you nonetheless like a git patch I will try to send one.
Description of what I changed:
File: /haproxy/include/types/proto_http.h Line: 245
(https://github.com/haproxy/haproxy/blob/master/include/types/proto_http.h#L245)
Change: I added HTTP_ERR_401 and HTTP_ERR_407 in the correct order.
File: /haproxy/src/proto_http.c Line: 117
(https://github.com/haproxy/haproxy/blob/master/src/proto_http.c#L117)
Change: I removed HTTP_401_fmt and HTTP_407_fmt.
File: /haproxy/src/proto_http.c Line 136
(https://github.com/haproxy/haproxy/blob/master/src/proto_http.c#L136)
Change: I added [HTTP_ERR_401] = 401 and [HTTP_ERR_407] = 407 in
correct order to the http_err_codes array.
I also added
[HTTP_ERR_401] =
"HTTP/1.0 401 Unauthorized\r\n"
"Cache-Control: no-cache\r\n"
"Connection: close\r\n"
"Content-Type: text/html\r\n"
"WWW-Authenticate: Basic realm=\"%s\"\r\n"
"\r\n"
"<html><body><h1>401 Unauthorized</h1>\nYou need a valid user and
password to access this content.\n</body></html>\n"
[HTTP_ERR_407] =
"HTTP/1.0 407 Unauthorized\r\n"
"Cache-Control: no-cache\r\n"
"Connection: close\r\n"
"Content-Type: text/html\r\n"
"Proxy-Authenticate: Basic realm=\"%s\"\r\n"
"\r\n"
"<html><body><h1>407 Unauthorized</h1>\nYou need a valid user and
password to access this content.\n</body></html>\n"
to the static const char* http_err_msgs array below.
File: /haproxy/src/proto_http.c Line: 3485
(https://github.com/haproxy/haproxy/blob/master/src/proto_http.c#L3485)
Change: Replaced chunk_printf(&trash, (txn->flags & TX_USE_PX_CONN) ?
HTTP_407_fmt : HTTP_401_fmt, auth_realm); with chunk_printf(&trash,
(txn->flags & TX_USE_PX_CONN) ? (const char *)http_error_message(s,
HTTP_ERR_401)->str : (const char *)http_error_message(s,
HTTP_ERR_401)->str, auth_realm);
Summarize: These are all changes I made. The static error page 401 and
407 were moved in http_err_msgs array and http_err_codes were added. The
HAProxy allows on my system with the mentioned changes errorfile for
http status 401 and 407 (errorfile 401 /errorfiles/401.http). The self
created 401.http file does have the WWW-Authenticate: Basic realm=\"%s\"
header so that the chunk_printf can add the correct auth_realm.
Thanks for reading and for HAProxy :)
