Hi,

On 16.03.2017 08:51, Jarno Huuskonen wrote:
> Hi,
> 
> On Thu, Mar 16, Devendra Joshi wrote:
>> Any one one know how to set X-Frame-Options with SAMEORIGIN & ALLOW-FROM in
>> HaProxy
>>
>> I added one setting in haproxy config file but showing error.
>>
>> acl main_site req.hdr(Host) http://www.abc.com
>> http-response add-header X-Frame-Options:\ ALLOW-FROM\ http://oms.abc.com if
>> main_site
>> http-response add-header X-Frame-Options:\ SAMEORIGIN if ! main_site
> 
> http-response add-header X-Frame-Options ALLOW-FROM\ http://oms.abc.com if 
> main_site
> http-response add-header X-Frame-Options SAMEORIGIN if ! main_site
> (https://cbonte.github.io/haproxy-dconv/1.5/configuration.html#4-http-response)
> 
> (but AFAIK the request acl won't work on http-response rule).

Just for your info. In haproxy 1.6 and higher you can do something like this
--
frontend fe_default

..

capture request header Host len 128

http-request set-var(txn.Host) req.hdr(Host)
acl main_site var(txn.Host) -m dom -i www.abc.com

http-response set-header X-Frame-Options 'http://oms.abc.com' if {
capture.req.hdr(0) -m found } main_site
http-response set-header X-Frame-Options 'SAMEORIGIN' if {
capture.req.hdr(0) -m found } main_site
---

cheers,
thomas


> 
> -Jarno
> 
>>
>> Error is :
>> [ALERT] 074/100716 (29069) : parsing [/opt/haproxy-ssl/haproxy.cfg:42]:
>> 'http-response add-header' expects exactly 2 arguments.
>> [ALERT] 074/100716 (29069) : parsing [/opt/haproxy-ssl/haproxy.cfg:43]:
>> 'http-response add-header' expects exactly 2 arguments.
>>
>> Please suggest what syntax should i use for this.
>> I am using HA-Proxy version 1.5.14
> 




Reply via email to