Inline acl with variable in statement condition

Let’s have following backend configuration:

HAProxy version 2.4.24-0ubuntu0.22.04.1 2023/10/31 - https://haproxy.org/

backend back-test
    http-request set-var(req.instance) hdr(X-Instance-Name)
    http-request set-var(req.instance) urlp(instanceName) unless { var(req.instance) -m found }

  # force-persist if { var(req.instance) -m str 1 2 }    #1
  # acl acl-force-persist var(req.instance) -m str 1 2   #2

    acl acl-force-persist urlp(instanceName)                -m str 1 2
    acl acl-force-persist hdr(X-Push-Service-Instance-Name) -m str 1 2
    force-persist if acl-force-persist

    use-server srv-production-1 if { var(req.instance) -m str 1 }
    use-server srv-production-2 if { var(req.instance) -m str 2 }    
  • The lines in comments don’t not work as expected (by me).
  • The lines not in comments work correctly.
  • The use-server statement behaves correctly depending on th req.instance variable value, thus I would hope, the inline ACL form is correct also as the variable definition and variable value extracted from header or url parameter at runtime.
  • The http-request statement also behaves correctly using inline ACL with variable check predicate.
  • Unfortunately, when the same ACL form is used in force-persist
    statement, it behaves like there is always FALSE provided (line
    #1).
  • Similarly for the ACL definition itself, it looks like the variable has no value (line #2), so the ACL must be defined the more verbose/repetitive way (below).

What is wrong with the expectations on the commented lines?

  1. It is not “legal” to use inline ACL for some of the configuration statements?
  2. It is not “legal” to use request variables in ACL definition?