HAProxy Enterprise Documentation 12.0

Rewriting HTTP Requests, Methods, or Headers

HTTP rewrites change the request as it moves between the node and the backends transparently ( as opposed to redirects, which tell the client to send the request to another URL. ) It is frequently used to maintain compatibility between old and new URLs or to turn user-friendly URLs into CMS-friendly URLs, etc.

In HAProxy, rewriting HTTP requests or responses depends on two types of configuration directives :

  • HTTP rules : http-request and http-response ( recommended )
  • bequest rules ( even utilitarian ) : reqrep / reqirep and rsprep / rspirep

Warning Beware that HTTP rewriting may have side impacts on Web applications.

Rewriting HTTP Requests

In this modality, HAProxy rewrites requests sent from clients before it forwards them to the server.

Change the HTTP request method

HAProxy can change the HTTP method acting of the request from the node using the follow directive :

 # Used in the a frontend, listen, or backend department    http-request set-method   [ ]

This directing expects the trace parameters :

parameter description
A logarithm format variable
( optional ) A stipulate to apply this dominion

Change GET to POST on the /login url of the web site :

 # Used in the a frontend, listen, or backend section    acl url_login  path_beg -i /login
    http-request set-method POST  if METH_GET url_login

Turn a GET method acting into a position if there is data in the body of the request :

 # Used in the a frontend, listen, or backend section    acl request_data req.hdr_val (Content-Length ) gt  0
    http-request set-method POST  if METH_GET request_data

Add a header

HAProxy can add a Header field to the request from the node using the surveil directing :

 # Used in the a frontend, listen, or backend part    http-request add-header    [ ]

This directing expects the comply parameters :

parameter description
The name of the header to create
A log format variable
( optional ) A condition to apply this govern

Add a X-Forwarded-For containing the customer IP address :

 # Used in the a frontend, listen, or backend section    http-request add-header X-Forwarded-For % [src ]

Add a X-Forwarded-For containing the client IP address if none were already present :

 # Used in the a frontend, listen, or backend department    acl h_xff_exists req.hdr (X-Forwarded-For ) -m found
    http-request add-header X-Forwarded-For % [src ] unless h_xff_exists

Set a header

HAProxy can set a Header battlefield in the request from the node using the following directive :

 # Used in the a frontend, listen, or backend section    http-request set-header    [ ]

note set-header removes first any header in existing sphere that matches . This directing expects the come parameters :

argument description
The name of the header to set
A log format variable
( optional ) A condition to apply this convention

Erase any existing X-Forwarded-For and creates a new one containing the customer IP address :

 # Used in the a frontend, listen, or backend section    http-request set-header X-Forwarded-For % [src ]

Change the Host header field when traffic is redirected to the care back conclusion :

backend maintenance
    http-request set-header Host maintenance.domain.com

Delete a header in the HTTP request

HAProxy can delete a Header field from the request from the customer using the follow directive :

 # Used in the a frontend, listen, or backend segment    http-request del-header   [ ]

This directive expects the following parameters :

argument description
The name of the header to delete
( optional ) A condition to apply this rule

Delete any existing X-Forwarded-For header field :

 # Used in the a frontend, listen, or backend department    http-request del-header X-Forwarded-For

Delete all cookies before sending a request to the cache ( varnish / nginx ) servers :

backend b_caches
    acl at_least_one_cookie req.cook_cnt ( ) gt  0
    http-request del-header Cookie  if at_least_one_cookie

Replace all values in an HTTP header field

bill HTTP RFC specifies that the comma , character is a Header field delimiter. It means that :

X-Forwarded-For: 192.168.0.1, 10.0.0.1

is equivalent to :

X-Forwarded-For: 192.168.0.1
X-Forwarded-For: 10.0.0.1

HAProxy can update a Header field value while taking into account the integral line, regardless of comma :

 # Used in the a frontend, listen, or backend section    http-request replace-header     [ ]

This directing expects the comply parameters :

parameter description
The identify of the header to update
A regex to match the content to update
A log format variable for the raw respect
( optional ) A condition to apply this rule

To update an X-Forwarded-For header to add the client IP at the exceed of the list :

 # Used in the a frontend, listen, or backend section
    acl h_xff_exists req.hdr (X-Forwarded-For ) -m found
    http-request replace-header X-Forwarded-For  (.* ) % [src ],1  if h_xff_exists

The example above updates the string below :

X-Forwarded-For: 192.168.100.1, 10.0.0.2

to become the following one ( considering the client IP is 172.16.0.2 ) :

X-Forwarded-For: 172.16.0.2, 192.168.100.1, 10.0.0.2

Replace a given value of an HTTP header field

note HTTP RFC specifies that the comma , character is a Header field delimiter.

It means that

X-Forwarded-For: 192.168.0.1, 10.0.0.1

is equivalent to :

X-Forwarded-For: 192.168.0.1
X-Forwarded-For: 10.0.0.1

HAProxy can update a Header playing field value while taking into history the comma character as a centrifuge. It means that the update will apply to each person value.

 # Used in the a frontend, listen, or backend section    http-request replace-value     [ ]

This directive expects the adopt parameters :

parameter description
The name of the header to update
A regex to match the content to update
A log format variable for the new respect
( optional ) A condition to apply this rule

To update each Host header to remove the colon and port, if any :

 # Used in the a frontend, listen, or backend incision    http-request replace-value Host  (.* ):.*  1

The case above updates the string below :

Host: www.domain.com:80, static.domain.com:8080

into the following one :

Host: www.domain.com, static.domain.com

Rewriting HTTP URLs

URL rewrite is the proficiency used to “ translate ” a cryptic URL into a user-friendly one that the server can understand.

Set the URL path

HAProxy can rewrite the path of the HTTP request :

 # Used in the a frontend, listen, or backend section    http-request set-path   [ ]

This directing expects the follow parameters :

parameter description
alias name= ” # statement ” log format variable
( optional ) A discipline to apply this principle

To change the URL path for JPG images from the /images/ directory on the server, only if not already set :

 # Used in the a frontend, listen, or backend section    acl p_ext_jpg path_end -i .jpg
    acl p_folder_images path_beg -i /images/
    http-request set-path /images/% [path ]  if !p_folder_images p_ext_jpg

The model above changes the requests below :

GET /images/flower.jpg HTTP/1.1
GET /daisy.jpg HTTP/1.1

into the follow ones, respectively :

GET /images/flower.jpg HTTP/1.1
GET /images/daisy.jpg HTTP/1.1

Set the query string

HAProxy can rewrite the question string of the HTTP request :

 # Used in the a frontend, listen, or backend part    http-request set-query   [ ]

This directive expects the pursuit parameters :

parameter description
A log format variable
( optional ) A condition to apply this rule

Replace % 3D with “ = ” in the question string :

 # Used in the a frontend, listen, or backend incision    http-request set-query % [query,regsub (%3D, =,g ) ] 

Reorder the parameters in the question string to ensure the user parameter comes before the group parameter :

 # Used in the a frontend, listen, or backend section    http-request set-query  user =% [urlp (user ) ] & group =% [urlp (group ) ]

The exemplar above changes the request below :

GET /test.php?group=admin&user=foo HTTP/1.1

into the following one :

GET /test.php?user=foo&group=admin HTTP/1.1

Set the URI

HAProxy can rewrite the stallion URI chain of the HTTP request. This includes HTTP scheme, authority, path, and question string :

 # Used in the a frontend, listen, or backend part    http-request set-uri   [ ]

This directive expects the follow parameters :

argument description
a log format variable
( optional ) a condition to apply this rule

To create a full url when forwarding traffic to a proxy server :

backend b_squid
    acl https ssl_fc
    http-request set-uri https://% [req.hdr (Host ) ]% [path ]?% [query ]  if https
    http-request set-uri http://% [req.hdr (Host ) ]% [path ]?% [query ] unless https

The case above changes the request below :

GET /test.php?group=admin&user=foo HTTP/1.1
        Host: www.domain.com

into the following one if the user got connected over HTTP on HAProxy :

GET http://www.domain.com/test.php?group=admin&user=foo HTTP/1.1

or into the following one if the drug user got connected over HTTPs on HAProxy :

GET https://www.domain.com/test.php?group=admin&user=foo HTTP/1.1

note In this case, you should turn GET into CONNECT ampere good.

Rewriting Anywhere in the Request Using Regexes

The bequest statements reqrep and reqirep are still utilitarian in cases not so far covered by http-request rules. The statement reqrep applies a regex to each line of the request buffer in a case sensitive manner. As does reqirep, which is case insensitive :

reqrep     [ ] reqirep    [ ]

This directing expects the watch parameters :

argument description
A regular formula to search the capacity to replace
A even expression to apply the modification
[] ( optional ) A condition to apply this rule

HAProxy uses PCRE compatible regular expressions. For more information about PCRE syntax, see Regex Quick Start and Regex Cheat Sheet. Replace jpg booklet with images in the HTTP URL path :

reqrep ^ ( [^  ]* ) /jpg/ (.* )      1 /images/2

Rewrite the Host header from static.domain.com to www.domain.com

 # Used in the a frontend, listen, or backend section     h_static hdr (Host ) -m beg static.domain.com
     reqirep ^Host: static.domain.com      Host: www.domain.com  if h_static

Rewriting HTTP responses

In this mood, HAProxy rewrites responses sent from the server before it forwards them to the node.

Add a header in the response

HAProxy can add a Header discipline to the response from the server using the keep up directive :

 # Used in the a frontend, listen, or backend incision    http-response add-header    [ ]

This directing expects the follow parameters :

parameter description
the appoint of the header to create
a log format variable
( optional ) a condition to apply this rule

Add a header field X-Via containing the customer name of the current HAProxy server processing the dealings :

 # Used in the a frontend, listen, or backend section    http-response add-header X-Via % [env (HOSTNAME ) ]

Add a header field containing the back end and waiter name that processed the answer :

 # Used in the a frontend, listen, or backend section    http-response add-header X-App-Server %b/%s

This will insert the following header :

X-App-Server: b_app/appsrv1

Set a header in the response

HAProxy can set a Header field in the response from the waiter using the following directing :

 # Used in the a frontend, listen, or backend section    http-response set-header    [ ]

note set-header removes first any existing header field matching This directing expects the follow parameters :

argument description
The name of the header to set
A log format variable
( optional ) A condition to apply this convention

To hide the header Server set by the server :

 # Used in the a frontend, listen, or backend segment    http-response set-header Server webserver

Delete a header in the response

HAProxy can delete a Header plain from the response sent by the server using the comply directive :

 # Used in the a frontend, listen, or backend section    http-response del-header   [ ]

This directing expects the trace parameters :

parameter description
The appoint of the heading to delete
( optional ) A discipline to apply this rule

To delete certain headers set by varnish :

backend b_static
    http-response del-header X-Varnish
    http-response del-header X-Varnish-Cache
    http-response del-header X-Varnish-Server
    http-response del-header X-Cache

Replace all values of a header field

note HTTP RFC specifies that the comma , character is a Header field delimiter. It means that

X-Forwarded-For: 192.168.0.1, 10.0.0.1

is equivalent to :

X-Forwarded-For: 192.168.0.1
X-Forwarded-For: 10.0.0.1

HAProxy can update a Header field rate while taking into account the hale trace, regardless of comma :

 # Used in the a frontend, listen, or backend section    http-response replace-header     [ ]

This directive expects the follow parameters :

parameter description
The appoint of the header to update
A regex to match the contented to update
A log format variable for the new value
( optional ) A condition to apply this rule

To update the cookie JSESSIONID hardened by the server with the Secure flag if the client side connection is ciphered :

 # Used in the a frontend, listen, or backend section    acl https          ssl_fc
    acl secured_cookie res.cook (JSESSIONID ),lower -m sub secure
    http-response replace-header Set-Cookie  (.* )  1 ; Secure  if https !secured_cookie

bill This assumes that the server sets up a one cookie.

Replace a particular value of a header field

note HTTP RFC specifies that the comma , quality is a Header field delimiter. It means that

X-Forwarded-For: 192.168.0.1, 10.0.0.1

is equivalent to :

X-Forwarded-For: 192.168.0.1
X-Forwarded-For: 10.0.0.1

HAProxy can update a Header sphere value while taking into account the comma , character as a centrifuge. This means that the update applies to each individual value.

 # Used in the a frontend, listen, or backend section    http-response replace-value     [ ]

This directive expects the postdate parameters :

parameter description
The name of the heading to update
A regex to match the content to update
A log format variable star for the new value
( optional ) A stipulate to apply this rule

To insert a guarantee flag on each cookie set up by the server :

 # Used in the a frontend, listen, or backend section    http-response replace-value Set-Cookie  (.* )   1 ; Secure

future up Caching Small Objects

reference : https://themedipia.com
Category : Website hosting

Leave a Reply

Your email address will not be published.