HAProxy redirect with query string


#1

I am a newby to HAProxy and I could really use some help with redirecting a URL with a query string. I have a redirect in place that is working, but it doesn’t pass the query string with it. This is what I am looking to do…

http-request redirect location https://whatever.domain2.com?cst=klsncbu54dsf9hf98 code 301 if { hdr(host) -i whatever.domain1.io?cst=klsncbu54dsf9hf98 }

If I take off everything after the ? on both url’s the redirect works as expected. The query params are supposed to log a test user in to the site.

Any help with this would be great.


#2

Whats wrong is that whatever.domain1.io?cst=klsncbu54dsf9hf98 is not a Host header, and is not ever present as a Host header. So you need to match the correct host header and URI. Also, since your are not changing the URI anyway, redirect prefix suffices perfectly.

So what we need to match is:

  • a host header which is whatever.domain1.io
  • a path that is / (we can probably skip this part)
  • a query string that is cst=klsncbu54dsf9hf98

So I suggest we construct the ACL like this:

{ hdr(host) -i whatever.domain1.io } { path / } { query -i cst=klsncbu54dsf9hf98 }

and redirect prefix instead of a fixed location:

redirect prefix https://whatever.domain2.com

So this becomes:

redirect prefix https://whatever.domain2.com if { hdr(host) -i whatever.domain1.io } { path / } { query -i cst=klsncbu54dsf9hf98 }

#3

Thanks for the reply and help. I have added your suggestion, but I am getting an error when I try to save the haproxy.cfg

[ALERT] 140/163115 (31743) : parsing [/etc/haproxy/haproxy.cfg:615] : error detected in backend ‘https_backend’ while parsing redirect rule : error in condition: unknown fetch method ‘query’ in ACL expression ‘query’.
[ALERT] 140/163115 (31743) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg

It is redirecting the the url right, it just doesn’t look like it is passing the query params still.
I am running version 1.5.2 if that helps. Let me know if you need anymore info.


#4

Upgrade. Not only is haproxy 1.5 in “critical fixes only”, haproxy 1.5.2 specifically has 199 bugs.

Please upgrade to a stable haproxy release, you seem to need the features and you certainly need the bugfixes.


#5

Ok, thanks for your help on this.


#6

I appreciate all your help with this. I was able to get my haproxy upgraded to 1.8.9 and added your suggestion and it works great. I just have one more question…is there a way to redirect with a query string if the query string is not the same? For example if I have one member with a query string cst=123456789 and another with cvt=23456780. Is it even possible?