http-response configuration directives to rewrite HTTP responses before they are sent back to clients. You can place them into a
backend section. The client will see something different than what the server sees.
Add a header
http-response add-header to add a header to the response before relaying it back to the client. In the example below, we add an X-Via header containing the hostname of the current HAProxy Enterprise server processing the traffic:
frontend www bind :80 http-response add-header X-Via %[env(HOSTNAME)] use_backend webservers
Set a header
http-response set-header to change the current value of a header. In the example below, we give the Server header the value webserver, which can be useful for hiding the true name of the server:
frontend www bind :80 http-response set-header Server webserver use_backend webservers
Delete a header
http-response del-header to remove a header. Below, we delete several headers that are set by Varnish:
backend b_static http-response del-header X-Varnish http-response del-header X-Varnish-Cache http-response del-header X-Varnish-Server http-response del-header X-Cache # servers list...
Replace a header by using a regular expression
http-response replace-header to change a header by using a regular expression. Below, we update the Cookie header named JSESSIONID, which was set by the server, with the Secure flag if the client-side connection is ciphered:
frontend www bind :80 acl https ssl_fc acl secured_cookie res.cook(JSESSIONID),lower -m sub secure http-response replace-header Set-Cookie (.*) "\1; Secure" if https !secured_cookie use_backend webservers
We use a regular expression capture group to capture the whole, existing value. Then, we add the new flag to the end, after a semi-colon. This assumes that the server sets up a single cookie. HTTP RFC specifies that the comma
, character is a header field delimiter.
Replace part of a header by using a regular expression
http-response replace-value to capture part of a header's value by using a regular expression and then replace that part with a new one. In the example below, we insert a Secure flag on each cookie set up by the server:
frontend www bind :80 http-response replace-value Set-Cookie (.*) \1;\ Secure use_backend webservers
In cases where a header has multiple values, they are expected to be separated by a comma. HAProxy Enterprise looks for commas and applies the replacement to each value it finds.