Hi Alexander,
Alexander Lebedev wrote:
> I want to implement CSRF check with haproxy.
> I want to check cookie value matched the header value and deny request
> if they're didn't equal.
The ACLs are only equipped to compare a dynamic value (e.g. from a
fetch) with a statically define value. It
Aleksandar, Hello!
No, it does not help.
haproxy -vv output:
HA-Proxy version 1.7.4 2017/03/27
Copyright 2000-2017 Willy Tarreau
Build options :
TARGET = solaris
CPU = generic
CC = /pub/site/opt/bin/gcc
CFLAGS = -O2 -g -fno-strict-aliasing
Am 10-04-2017 10:55, schrieb Alexander Lebedev:
Hello!
I want to implement CSRF check with haproxy.
I want to check cookie value matched the header value and deny request
if they're didn't equal.
Something like this:
alc token_valid req.cook(token) %[req.hdr(token)]
http-request deny unless
Hello!
I want to implement CSRF check with haproxy.
I want to check cookie value matched the header value and deny request if
they're didn't equal.
Something like this:
alc token_valid req.cook(token) %[req.hdr(token)]
http-request deny unless token_valid
But I can't find the way to perform
4 matches
Mail list logo