Upgrade from 1.8 to 2.6

Hello,

I try to upgrade from HAproxy 1.8 to 2.6 and have to replace a lot of values, as many of them are not valid anymore, and I need a bit help:

  • Example 1:

reqirep ^([^:\ ]+\ +)/(/.+)/(/.+)/(/.+)/(/.+)$ \1\2\3\4\5 if { path_beg // }

This is required, to remove double // on a URL, which is from a broken upstream app, which is not under our control.

I’ve tried to use:

http-request replace-path ^([^:\ ]+\ +)/(/.+)/(/.+)/(/.+)/(/.+)$ \1\2\3\4\5 if { path_beg // }

but, I assume, that is wrong and would not work.

  • Example 2:
    reqirep ^(GET|POST|HEAD)\ /iframes/(.*) \1\ /\2 if iframe
    reqirep ^(GET|POST|HEAD)\ /3dss/(.*) \1\ /\2 if 3dsecure
    reqirep ^(GET|POST|HEAD)\ /wix/(.*) \1\ /\2 if wix
    rspirep ^Location:\ (http|https)://fra-test-iframes.example.local\/(.*)   Location:\ \1://%[hdr(host)]/iframes/\2  if response-is-redirect
    rspirep ^Location:\ /(.*)   Location:\ /3dss/\1  if 3dsecure_redirect
    rspirep ^Location:\ /(.*)   Location:\ /wix/\1  if wix_redirect

this block I’ve tried to replace with:

    http-request replace-header ^(GET|POST|HEAD)\ /iframes/(.*) \1\ /\2 if iframe
    http-request replace-header ^(GET|POST|HEAD)\ /3dss/(.*) \1\ /\2 if 3dsecure
    http-request replace-header ^(GET|POST|HEAD)\ /wix/(.*) \1\ /\2 if wix
    http-request replace-header ^Location:\ (http|https)://fra-test-iframes.example.local\/(.*)   Location:\ \1://%[hdr(host)]/iframes/\2  if response-is-redirect
    http-request replace-header ^Location:\ /(.*)   Location:\ /3dss/\1  if 3dsecure_redirect
    http-request replace-header ^Location:\ /(.*)   Location:\ /wix/\1  if wix_redirect

but, HAproxy is not happy about it:

config : parsing [/opt/consul-template/data/haproxy.cfg:340] : error detected in backend 'appint' while parsing 'http-request replace-header' rule : regex '\1 /\2' is invalid (error=reference to non-existent subpattern, erroffset=1).

It would be nice, if someone can help me, to get it converted to 2.6

cu denny

Example 1:
HAProxy documentation for 2.6 says to use http-request replace-path <match-regex> <replace-fmt>
Assuming the path always begins with // in the app

http-request replace-path ^//(.*) /\1

I wouldn’t think one would need any if/unless statement, but modify to your needs.

Example 2:

    reqirep ^(GET|POST|HEAD)\ /iframes/(.*) \1\ /\2 if iframe

This appears to be another rewrite request in which case you would use something like the first example:

    http-request replace-path /iframes/(.*) /\1 if iframe

As for the Location header:

    rspirep ^Location:\ /(.*)   Location:\ /3dss/\1  if 3dsecure_redirect

should translate to

    http-response replace-header Location (.*) /3dss/\1 if 3dsecure_redirect

Some helpful links:

Hope these examples help!

1 Like

Hi @stormrover

thanks for the reply and help … I tried yesterday a littlebit out … and its a bit confusing …

As for examble to:

http-request replace-header ^(GET|POST|HEAD) /iframes/(.*) \1\ /\2 if iframe
http-request replace-header ^(GET|POST|HEAD) /3dss/(.*) \1\ /\2 if 3dsecure
http-request replace-header ^(GET|POST|HEAD) /wix/(.*) \1\ /\2 if wix
http-request replace-header ^Location (http|https)://fra-test-iframes.inatec.local\/(.*)   Location:\ \1://%[hdr(host)]/iframes/\2  if response-is-redirect
http-request replace-header ^Location /(.*)   Location:\ /3dss/\1  if 3dsecure_redirect

I just removed the trailing \ after ^(GET|POST|HEAD) and HAproxy was then happy … and also on many other lines … I had to remove the : on the end.

But thanks for the examples … I have to try them out :slight_smile:

cu denny

Be sure to do plenty of testing. Looking at the original block and the latest new block, I’m not sure the two will give you the same results.

In 1.8, reqirep was used to rewrite a request, so a line that was always in the form of “Method URI HTTP-Version” (going a little from memory, but that looks right to me :slightly_smiling_face:)

In 2.6, http-request replace header will ONLY replace header values, and they’re looking for the value of “^(GET|POST|HEAD)” which, though it passes syntax checks, I don’t think will actually do anything. I could be wrong, so please test thoroughly.

1 Like