For some reason, haproxy is converting my request. Below is the log output.
wc_haproxy | 172.29.0.1:35296 [03/Nov/2021:22:03:44.901] http http/<NOSRV> 0/-1/-1/-1/0 302 134 - - LR-- 1/1/0/0/0 0/0 "POST /register HTTP/1.1"
wc_haproxy | 172.29.0.1:58040 [03/Nov/2021:22:03:44.906] http~ app/app1 0/0/1/0/1 404 130 - - ---- 1/1/0/0/0 0/0 "GET /register HTTP/1.1"
Below is my configuration:
global
log stdout format raw local0
defaults
mode http
timeout client 10s
timeout connect 5s
timeout server 10s
timeout http-request 10s
log global
frontend http
bind *:80
bind *:443 ssl crt /usr/local/etc/haproxy/company.com.pem
redirect scheme https if !{ ssl_fc }
option httplog
acl sub1 hdr_sub(host) -i app.company.com
use_backend app if sub1
use_backend frontstore
backend frontstore
option forwardfor
option httpchk GET /
http-check send ver HTTP/1.1 hdr Host frontstore
server frontstore1 frontstore:8001 check
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend app
option forwardfor
option httpchk GET /check
http-check send ver HTTP/1.1 hdr Host app
server app1 app:8002 check
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
Does anyone know why it would do that?
Fyi I'm using the docker image "haproxy:lts-alpine" if that makes any difference.
CodePudding user response:
Because of your frontend configuration:
frontend http
...
redirect scheme https if !{ ssl_fc }
HAProxy is redirecting your application traffic from HTTP to HTTPS. You can check it in your logs, as it is returning a 302 HTTP status code:
wc_haproxy | 172.29.0.1:35296 [03/Nov/2021:22:03:44.901] http http/<NOSRV> 0/-1/-1/-1/0 302 134 - - LR-- 1/1/0/0/0 0/0 "POST /register HTTP/1.1"
Please, consider review the HAProxy relevant documentation.
The POST 302 redirect to GET conversion is a common browser pattern. Please, consider read this SO question. I think it can be related to your problem.