On Thu, Sep 9, 2021 at 12:22 AM Christopher Faulet wrote:
> On 8/11/21 at 2:53 AM, Ryan Burn wrote:
> > I'm working on integrating HAProxy with traceable.ai <http://traceable.ai>'s
> > security product.
> >
> > As part of the integration, we'd like to capture the contents of any http
> > responses processed by HAProxy and send them to a service either via SPOA or an
> > RPC call from Lua. The response contents are used by the product to help
> > identify possible security threats.
> >
> > I've tried a few things, but haven't found a reliable way to capture the
> > contents of response bodies. Is this possible with HAProxy?
> >
> > Here are the approaches I've explored so far:
> >
> > 1. I used the "res.body" fetch but that only provides the contents sometimes (I
> > presume if it's available in a buffer):
> > https://github.com/rnburn/haproxy-extcap/blob/master/test/docker/extcap.conf#L19
> >
> > 2. I also tried accessing the contents of the response channel from a Lua
> > action, but that fails with "Cannot manipulate HAProxy channels in HTTP mode"
> > https://github.com/rnburn/haproxy-extcap/blob/master/test/docker/response.lua#L5
>
>
> About the sample fetches, on HAProxy 2.3 and lower, there is no way to get the
> response payload because it is not possible to wait for it. There is no
> equivalent to the "http-buffer-request" option on the response side. On
> HAProxy-2.4, it is possible by using "wait-for-body" HTTP rule, available on the
> request and the response side. However, it is still limited by the buffer
> size.
>
Thanks Christopher! Do you know how to access the response body from a SPOA
if you add the "wait-for-body"?
I added the wait-for-proxy rules to my example project, but the "res.body"
argument still doesn't consistently provide the full body.
https://github.com/rnburn/haproxy-extcap/blob/master/test/docker/haproxy.cfg#L15-L16
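
The setup discussed in this thread, as an added example that is not from either poster or the linked repository: a "wait-for-body" response rule followed by an explicit SPOE group send, so that "res.body" is evaluated after the wait, with the buffer size that bounds it set explicitly. The engine, agent, group, message and backend names, the addresses and the file path are assumptions made for this example, and the two files are shown in one block.

```haproxy
# --- haproxy.cfg (HAProxy 2.4 or later) ---
global
    # res.body is read from one buffer, so a larger body is truncated.
    # Default bufsize is 16384 bytes; raising it increases memory use.
    tune.bufsize 65536

defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend fe
    bind :8080
    filter spoe engine capture config /etc/haproxy/capture-spoe.conf
    # Wait up to 1s for the payload, or until the buffer is full.
    http-response wait-for-body time 1s
    # Send the message from a rule placed after the wait. A message bound to
    # "event on-http-response" is sent before http-response rules run.
    http-response send-spoe-group capture send-response
    default_backend app

backend app
    server app1 127.0.0.1:8000

backend capture-agents
    mode tcp
    timeout server 2m
    server agent1 127.0.0.1:9000

# --- /etc/haproxy/capture-spoe.conf ---
[capture]
spoe-agent capture-agent
    groups send-response
    option var-prefix capture
    timeout hello      2s
    timeout idle       2m
    timeout processing 500ms
    use-backend capture-agents

spoe-message response-body
    # No "event" line: this message is only sent through its group.
    args status=status body=res.body

spoe-group send-response
    messages response-body
```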