On Sun, Jun 24, 2018 at 11:28 PM, mlist <ml...@apkappa.it> wrote:
> Hi Igor,
>
> as I see, this is not true.
>
>
>
> I think ssl_fs is just persisted between request and response as this work
> fine without setting vars (as for below example), *but never works for
> cookie header inserted by “cookie <name> insert* …”. It seems that cookie
> insert method override every other set cookie methods (probably applied as
> last operation on the flow):
>
>
>
> acl https_sess ssl_fc
>
> acl secure_c_present res.hdr(Set-Cookie),lower -m sub secure
>
> rspirep ^(set-cookie:.*) \1;\ Secure if https_sess !secure_c_present
>
>
>
> using vars instead doesn’t works, I tested trying to adding a header like
> this. It seems that this var is always false/null/empty:
>
>
>
> http-request set-var(txn.req_ssl) ssl_fc
>
> acl is_test var(txn.req_ssl)
>
> http-response set-header XXX-TEST-OPTIONS TEST1 if is_test
>
>
>
> is_test is never true as “http-request set-var(txn.req_ssl) ssl” is never
> what one think… if iI’m not wrong…
>
>
>
You need to use the var as type bool in this case, this is from one of my
setups:
frontend:
http-request set-var(txn.req_api) bool(true) if tx_is_api
backend:
acl api_call var(txn.req_api) -m bool
