Hi.
On 12/06/2018 16:23, mlist wrote:
Hi,
there is a mechanism to specify to command like:
cookie <cokie_name> insert indirect preserve nocache httponly secure
to insert secure only if the session is ssl ? So it is possible to use
this command on a common http/https backend without using 2 different
redundant backend ?
You mean something like this?
frontend http
...
default_backend common_backend
frontend https
...
default_backend common_backend
backend common_backend
...
cookie <cokie_name> insert indirect preserve nocache httponly if !{ ssl_fc }
cookie <cokie_name> insert indirect preserve nocache httponly secure if {
ssl_fc }
...
https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#4.2-default_backend
https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#7.3.4-ssl_fc
There are also other cockie new security specifiers such as SameSite=… ?
Sorry I don't understand this sentence.
Thank you
Rob
[APK]
[Unione]
mlist
APKAPPA s.r.l. sede legale Via F. Albani, 21 20149 Milano |
p.iva/vat no. IT-08543640158
sede amministrativa e operativa Reggio Emilia (RE) via M. K. Gandhi,
24/A 42123 - sede operativa Magenta (MI) via Milano 89/91 20013
tel. 02 91712 000 | fax 02 91712 339 www.apkappa.it<http://www.apkappa.it>
Ai sensi e per gli effetti della Legge sulla tutela della riservatezza
personale (DL.gs. 196/03 e collegate), questa mail è destinata
unicamente alle persone sopra indicate e le informazioni in essa
contenute sono da considerarsi strettamente riservate.
This email is confidential, do not use the contents for any purpose
whatsoever nor disclose them to anyone else. If you are not the
intended recipient, you should not copy, modify, distribute or take any
action in reliance on it. If you have received this email in error,
please notify the sender and delete this email from your system.
HM, is the mailing list *the intended recipient* ;-) ?!
Best regards
Aleks
