Errorfile not working


#1

I am trying to use a custom error file and instead I get a 408 request timeout.

My current setup is my haproxy is running behind an ELB out in AWS.

My config is:
global
log 127.0.0.1 local0
log-send-hostname
lua-load /etc/haproxy/validate_jwt.lua
debug
daemon

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        option  logasap
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        errorfile 403 /etc/haproxy/errorfiles/403error.http

frontend http_front
        bind *:${FE_PORT}
        monitor-uri /api/v1/health

        http-request deny if !{ cook('jwt') -m found } !{ cook('cpAccountsJwt') -m found }

        acl valid_jwt lua.validate_jwt -m bool

        http-request deny if !valid_jwt

        http-response del-header X-Frame-Options

        use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/aoobm_tunnel.map)]


backend be_1a9109498b16029e409542c8f08ef359-qa2
        server srv0 10.205.176.203:30089
backend be_2514131711c38b63e59fb4d5a7eaf3b6-qa2
        server srv1 10.205.177.110:30091
backend be_3e1adc1008eab307e752a045f0ddc299-qa2
        server srv2 10.205.177.110:30083
backend be_cd35febcca3f445a40ca7bac875d483b-qa2
        server srv3 10.205.176.203:30085
backend be_d8ffc844e247de743a7fbb83154effa5-qa2
        server srv4 10.205.177.110:30087

The 403error.http looks like:

HTTP/1.0 403 Forbidden
Cache-Control: no-cache
Connection: close
Content-Type: text/html


<html>
    <head>
        <title>Connection Permissions Error</title>
    </head>
    <body style="font-family:Trebuchet MS, Helvetica Neue, HelveticaNeue, Helvetica, Lato, Arial, Lucida Grande, sans-serif;background:#fff;pad
ding: 10px 15px;">
        <div style="text-align:center">
            <br>
            <h2 style="font-size:16px">
                You do not have sufficient account privleges to<br/>
                preform the requested action
            </h2>
        </div>
    </body>
</html

In my logs I plainly see HAProxy detecting a 403:

haproxy[84]: 10.205.63.45:31677 [01/Jun/2017:00:53:16.377] http_front http_front/ 0/-1/-1/-1/+0 403 +633 - - PR-- 13/13/0/0/0 0/0 “GET / HTTP/1.1”

What the heck am I doing wrong??


#2

I guess I need to RTFM a little bit better. I found the comment about making sure to use CRLF instead of LF in the HTTP code. So in short changing LF to CRLF on the file made everything work.