On Sun, Jun 24, 2018 at 11:28 PM, mlist <ml...@apkappa.it> wrote: > Hi Igor, > > as I see, this is not true. > > > > I think ssl_fs is just persisted between request and response as this work > fine without setting vars (as for below example), *but never works for > cookie header inserted by “cookie <name> insert* …”. It seems that cookie > insert method override every other set cookie methods (probably applied as > last operation on the flow): > > > > acl https_sess ssl_fc > > acl secure_c_present res.hdr(Set-Cookie),lower -m sub secure > > rspirep ^(set-cookie:.*) \1;\ Secure if https_sess !secure_c_present > > > > using vars instead doesn’t works, I tested trying to adding a header like > this. It seems that this var is always false/null/empty: > > > > http-request set-var(txn.req_ssl) ssl_fc > > acl is_test var(txn.req_ssl) > > http-response set-header XXX-TEST-OPTIONS TEST1 if is_test > > > > is_test is never true as “http-request set-var(txn.req_ssl) ssl” is never > what one think… if iI’m not wrong… > > >
You need to use the var as type bool in this case, this is from one of my setups: frontend: http-request set-var(txn.req_api) bool(true) if tx_is_api backend: acl api_call var(txn.req_api) -m bool