Hi,
In order to be able to process layer 7 manipulation (what you want to
achieve) for *each* request, then you must enable http mode on your
frontebd/backend and to enable the option http-server-close.
cheers
On Thu, Oct 27, 2011 at 12:21 AM, Vivek Malik vivek.ma...@gmail.com wrote:
The documentation also says
In HTTP mode, it is possible to rewrite, add or delete some of the request
and
response headers based on regular expressions. It is also possible to block
a
request or a response if a particular header matches a regular expression,
which is enough to stop most elementary protocol attacks, and to protect
against information leak from the internal network. But there is a
limitation
to this : since HAProxy's HTTP engine does not support keep-alive, only
headers
passed during the first request of a TCP session will be seen. All
subsequent
headers will be considered data only and not analyzed. Furthermore, HAProxy
never touches data contents, it stops analysis at the end of headers.
The above confuses me about keep-alive. Please suggest if this applies in
http mode.
On Wed, Oct 26, 2011 at 6:15 PM, Vincent Bernat ber...@luffy.cx wrote:
OoO En cette nuit nuageuse du jeudi 27 octobre 2011, vers 00:02, Vivek
Malik vivek.ma...@gmail.com disait :
We have been using haproxy in production for around 6 months while
using httpclose. We use functions like reqidel, reqadd to manipulate
request headers and use_backend to route a request to a specific
backend.
We run websites which often have ajax calls and load javascripts and
css files from the server. Thinking about keep alive, I think it
would be desired to keep client side keep alive so that they can
reuse connections to load images, javascript, css and make ajax calls
over it.
From a haproxy request processing and manipulating perspective, Is
there a difference between http-server-close and httpclose? Would
reqadd/reqidel/use_backend work on subsequent requests during client
side keep alive too?
Yes. From the documentation:
,
| By default HAProxy operates in a tunnel-like mode with regards to
persistent
| connections: for each connection it processes the first request and
forwards
| everything else (including additional requests) to selected server. Once
| established, the connection is persisted both on the client and server
| sides. Use option http-server-close to preserve client persistent
connections
| while handling every incoming request individually, dispatching them one
after
| another to servers, in HTTP close mode. Use option httpclose to switch
both
| sides to HTTP close mode. option forceclose and option
| http-pretend-keepalive help working around servers misbehaving in HTTP
close
| mode.
`
--
Vincent Bernat ☯ http://vincent.bernat.im
Make sure input cannot violate the limits of the program.
- The Elements of Programming Style (Kernighan Plauger)
