I have configured a frontend with some header manipulation, mostly for security:
frontend ft_web bind :::443 v4v6 ssl crt /etc/haproxy/certs/ alpn h2,http/1.1 curves secp384r1 reqidel ^x-forwarded.* http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains;" use_backend bk_group1 backend bk_group1 server localhost1 localhost:8000 send-proxy check
In this case, the headers are not modified. But when I remove send-proxy from the backend server, and reconfigure my backend to not use the proxy protocol the header manipulations work. I added my bind to indicate I also use http/2.0.
Does the send-proxy directive manipulate the connection mode to tunnel mode?