HAProxy 1.7.10 (pfSense) here.
I’ve got a TLS/SSL enabled frontend that’s configured to unconditionally send the Strict-Transport-Security HTTP response header, e.g.
http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains"
This works, but only for successful responses (from the HAProxy point of view).
If there’s a HAProxy generated error response such as HTTP 503, the header is missing and I’d like to have it there as well.
For example Apache has the always condition its the Header directive designed for such purpose: http://httpd.apache.org/docs/current/mod/mod_headers.html#header
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Is it somehow possible to achieve this with HAProxy?