HAProxy community

Override CORS without body from backend

#1

Hi folks.

I override CORS on haproxy level for some origin.

I use next rules:

frontend
        ...
	http-request set-var(txn.origin) req.hdr(Origin)
	acl override_cors var(txn.origin) -m end -i console.XXX
	acl override_cors var(txn.origin) -m sub -i console.XXX
	http-request set-var(txn.override_cors) bool(false) unless override_cors
	http-request set-var(txn.override_cors) bool(true) if override_cors
        use_backend backend

backend
        ...
	http-response add-header Vary Origin if { var(txn.origin) -m len gt 1 }
	acl override_cors var(txn.override_cors),bool
	acl res_status_403 status eq 403
	http-response set-status 200 if res_status_403 override_cors METH_OPTIONS
	http-response set-header Content-Length 0 if override_cors METH_OPTIONS
	http-response set-header Access-Control-Allow-Headers origin,\ content-length,\ content-type,\ content-md5 if override_cors
	http-response set-header Access-Control-Allow-Origin %[var(txn.origin)] if override_cors
	http-response set-header Access-Control-Allow-Methods GET,\ HEAD,\ POST,\ OPTIONS,\ PUT,\ DELETE if override_cors
	http-response set-header Access-Control-Max-Age 600 if override_cors
        ...

it works perfectly but my real backend server sends me back 403 with some xml-body. As you can see, i override headers but body sands to clients as is.

How can i drop the body of real server response? Or how can i do not send request to the real server?

haproxy version is 1.8.8 without LUA.

0 Likes