Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 7f18e52b13272fd7c9747c6468bfd6bda65945d2^! / .
commit7f18e52b13272fd7c9747c6468bfd6bda65945d2[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Fri Oct 22 20:04:13 2010 +0200
committerWilly Tarreau <w@1wt.eu>Sat Oct 30 19:04:35 2010 +0200
treec827b8d689eab260e22b6d8372273ad7e53372df
parent8aa6b3762cec4756b226c499f8a0cac3b0e6f9f0 [diff]
[MINOR] acl: add the http_req_first match

This match returns true when the request calling it is the first one of
a connection.
(cherry picked from commit 922ca979c50653c415852531f36fe409190ad76b)

diff --git a/doc/configuration.txt b/doc/configuration.txt
index d96a498..d7f81f4 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -7202,6 +7202,12 @@
 
   Currently only http basic auth is supported.
 
+http_req_first
+  Returns true when the request being processed is the first one of the
+  connection. This can be used to add or remove headers that may be missing
+  from some requests when a request is not the first one, or even to perform
+  some specific ACL checks only on the first request.
+
 method <string>
   Applies to the method in the HTTP request, eg: "GET". Some predefined ACL
   already check for most common methods.

diff --git a/src/proto_http.c b/src/proto_http.c
index 3003e5d..3a2be18 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c

@@ -7968,6 +7968,22 @@
 	return 1;
 }
 
+/* return a valid test if the current request is the first one on the connection */
+static int
+acl_fetch_http_first_req(struct proxy *px, struct session *s, void *l7, int dir,
+		     struct acl_expr *expr, struct acl_test *test)
+{
+	if (!s)
+		return 0;
+
+	if (s->txn.flags & TX_NOT_FIRST)
+		test->flags |= ACL_TEST_F_SET_RES_FAIL;
+	else
+		test->flags |= ACL_TEST_F_SET_RES_PASS;
+
+	return 1;
+}
+
 static int
 acl_fetch_http_auth(struct proxy *px, struct session *s, void *l7, int dir,
 		    struct acl_expr *expr, struct acl_test *test)
@@ -8061,8 +8077,9 @@
 	{ "cook_pst",   acl_parse_none,  acl_fetch_cook,   acl_match_pst   },
 #endif
 
-	{ "http_auth",       acl_parse_nothing, acl_fetch_http_auth, acl_match_auth },
-	{ "http_auth_group", acl_parse_strcat,  acl_fetch_http_auth, acl_match_auth },
+	{ "http_auth",       acl_parse_nothing, acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_PERMANENT },
+	{ "http_auth_group", acl_parse_strcat,  acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_PERMANENT },
+	{ "http_first_req",  acl_parse_nothing, acl_fetch_http_first_req, acl_match_nothing, ACL_USE_L7REQ_PERMANENT },
 	{ NULL, NULL, NULL, NULL },
 }};