X-Accel or X-Sendfile

X-Accel (also known as X-Sendfile or X-Accel-Redirect) is a nice feature that allows a backend app to provide a private URL to the loadbalancer so the backend is free from large-file processing. The loadbalancer is then responsible for serving the contents of the file to the end-user. While a HTTP 301/302 redirect can work in many cases, there are times when the app developer may want to keep the final location secret (e.g., AWS S3 bucket name and path).

Nginx talks about the feature here: X-Accel | NGINX

Lighttpd talks about the feature here: X-LIGHTTPD-send-file - Lighttpd - lighty labs

Is this X-Accel scenario possible using HAProxy? Can HAProxy fetch a file based on an HTTP header from the backend and then serve it to the end user without revealing the true path of the file?

This is a feature for a webserver, which nginx and lighttpd and Apache is, but haproxy is not.

Haproxy doesn’t ever access IO to serve a HTTP request.

I knew about the lack of file IO in HAProxy. But isn’t X-Accel just a complicated proxy request? The backend app tells the loadbalancer via an HTTP header to fetch this URL instead?

Right, I was thinking about X-Sendfile which really is a about files on a disk.

If X-Accel points to a HTTP(S) URI, there would be no IO involved.

Still I do not believe this can be achieved easily with haproxy, I’m not aware of specific configuration support for this.

Haproxy is primarily designed as a high performance load balancer, as such it forwards the content a soon as possible.

Haproxy can at this point intercept responses and respond something different in http-response ... configurations, however it’s pretty much static.

There may be hacks with LUA scripts intercepting the responses, however I’m not sure.

I suggest you open a feature request on Github for this.