ACL rule which works only if ALL header values are in the whitelist

August 1, 2022, 2:33 pm

≫ Next: Haproxy as a load balancer to Exchange DAG

≪ Previous: Try to redirect path to another

Hi people!

I need to create an ACL rule which will work only if ALL values from a header are in the whitelist.

I’ve created a small whitelist:

foo
bar

And this is my haproxy.cfg:

defaults
    mode http

frontend http_frontend
    bind *:80
    acl valid-hdr req.hdr(x-my-header) -m str -f /usr/local/etc/haproxy/whitelist.lst
    use_backend mysite if valid-hdr

backend mysite
    server mysite 172.10.1.1:80 check

What I want:

X-My-Header: foo - valid
X-My-Header: bar - valid
X-My-Header: foo,bar - valid
X-My-Header: bar,foo - valid
X-My-Header: bar,something,foo - NOT valid

What I get:
Actually all requests are considered to be valid if AT LEAST one of ‘foo’, ‘bar’ present in the header value.

1 post - 1 participant

Read full topic

↧