无法在 HAProxy 中设置 header
Unable to set header in HAProxy
我试图在响应 header 中覆盖 Access-Control-Allow-Origin(如在浏览器的网络监视器中),来自此
Access-Control-Allow-Origin: *
至此
Access-Control-Allow-Origin: https://my-domain.com
当请求的资源是图片(.png)或字体(.woff/2)时,每次访问网站时https://my-domain.com:8081 .请求的图像 'Host: ' header 是 my-domain.com,而字体是 fonts.gstatic.com.
出于某种原因,当请求的资源是 woff 字体时,header 不会被覆盖 - 尝试使用“# NOK”下的所有组合,如下所述。
我可能遗漏了什么?
frontend HEADERS
bind *:8081 ssl crt my_domain.pem
capture request header origin len 128
acl hostname hdr(host) -i my-domain.com:8081
acl hostname_font hdr(host) -i fonts.gstatic.com
acl images path_end .png
acl fonts path_end .woff .woff2
# OK
use_backend SET_HEADER if hostname images
# NOK
# use_backend SET_HEADER if hostname_font fonts
# use_backend SET_HEADER if fonts
# use_backend SET_HEADER if hostname_font
# Default
use_backend NO_SET_HEADER
backend NO_SET_HEADER
mode http
balance leastconn
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
http-request set-header Host some-other-domain.com
server SOME-OTHER-DOMAIN-BE-01 10.10.0.5:443 ssl verify none check weight 1
server SOME-OTHER-DOMAIN-BE-02 10.10.0.6:443 ssl verify none check weight 1
backend SET_HEADER
mode http
balance leastconn
http-response set-header Access-Control-Allow-Origin https://my-domain.com
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
http-request set-header Host some-other-domain.com
server SOME-OTHER-DOMAIN-BE-01 10.10.0.5:443 ssl verify none check weight 1
server SOME-OTHER-DOMAIN-BE-02 10.10.0.6:443 ssl verify none check weight 1
正如@mweiss 所提到的,这实际上是预期的行为 - 对 fonts.gstatic.com 的请求从不在 HAProxy 主机上 'land'。因此,无法编辑页眉。
我试图在响应 header 中覆盖 Access-Control-Allow-Origin(如在浏览器的网络监视器中),来自此
Access-Control-Allow-Origin: *
至此
Access-Control-Allow-Origin: https://my-domain.com
当请求的资源是图片(.png)或字体(.woff/2)时,每次访问网站时https://my-domain.com:8081 .请求的图像 'Host: ' header 是 my-domain.com,而字体是 fonts.gstatic.com.
出于某种原因,当请求的资源是 woff 字体时,header 不会被覆盖 - 尝试使用“# NOK”下的所有组合,如下所述。
我可能遗漏了什么?
frontend HEADERS
bind *:8081 ssl crt my_domain.pem
capture request header origin len 128
acl hostname hdr(host) -i my-domain.com:8081
acl hostname_font hdr(host) -i fonts.gstatic.com
acl images path_end .png
acl fonts path_end .woff .woff2
# OK
use_backend SET_HEADER if hostname images
# NOK
# use_backend SET_HEADER if hostname_font fonts
# use_backend SET_HEADER if fonts
# use_backend SET_HEADER if hostname_font
# Default
use_backend NO_SET_HEADER
backend NO_SET_HEADER
mode http
balance leastconn
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
http-request set-header Host some-other-domain.com
server SOME-OTHER-DOMAIN-BE-01 10.10.0.5:443 ssl verify none check weight 1
server SOME-OTHER-DOMAIN-BE-02 10.10.0.6:443 ssl verify none check weight 1
backend SET_HEADER
mode http
balance leastconn
http-response set-header Access-Control-Allow-Origin https://my-domain.com
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
http-request set-header Host some-other-domain.com
server SOME-OTHER-DOMAIN-BE-01 10.10.0.5:443 ssl verify none check weight 1
server SOME-OTHER-DOMAIN-BE-02 10.10.0.6:443 ssl verify none check weight 1
正如@mweiss 所提到的,这实际上是预期的行为 - 对 fonts.gstatic.com 的请求从不在 HAProxy 主机上 'land'。因此,无法编辑页眉。