Bug #14536
closedBackend cookie protection option generates invalid haproxy config file
0%
Description
On PFSense 2.7.0, with haproxy 0.61_10 package installed.
Create a haproxy backend, edit it and enable the "Cookie protection" flag, described as "Set "secure" attribure on cookies (only used on "http" frontends)" (note a typo on the word attribure, btw).
Save, and try to apply the changes. HAProxy cannot start, logs show the following error: "The 'rspirep' directive is not supported anymore since HAProxy 2.1. Use 'http-response replace-header' instead."
This can be tracked back to the package source code:
https://github.com/pfsense/FreeBSD-ports/blob/47d4eaf7c4e5fe3d6ec863b5db544ec6ed150268/net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc#L806
The following link proposes a solution that may help fixing the affected source code:
https://stackoverflow.com/questions/59484910/haproxy-replace-rsprep-directive-by-http-response-replace-header
Please let me know if I can be of any further help reproducing or troubleshooting the issue. Thanks!
Related issues
Updated by Jim Pingle over 1 year ago
- Is duplicate of Bug #13343: HAproxy cookie protection syntax needs updated added