MINOR: http: add the function "del-header" to the directives http-request and http...

This patch permits to remove all HTTP request and response header fields
whose name is specified in <name>.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 6d6f45edca180d0d96348aa7f8275866b67848eb..65df4172b9235e7a274b0f984c16d49815bc27d4 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -2847,8 +2847,8 @@ http-check send-state
 
 http-request { allow | deny | tarpit | auth [realm <realm>] | redirect <rule> |
               add-header <name> <fmt> | set-header <name> <fmt> |
-              set-nice <nice> | set-log-level <level> | set-tos <tos> |
-              set-mark <mark> }
+              del-header <name> | set-nice <nice> | set-log-level <level> |
+              set-tos <tos> | set-mark <mark> }
              [ { if | unless } <condition> ]
   Access control for Layer 7 requests
 
@@ -2907,6 +2907,9 @@ http-request { allow | deny | tarpit | auth [realm <realm>] | redirect <rule> |
       information to the server, where the header must not be manipulated by
       external users.
 
+    - "del-header" removes all HTTP header fields whose name is specified in
+      <name>.
+
     - "set-nice" sets the "nice" factor of the current request being processed.
       It only has effect against the other requests being processed at the same
       time. The default value is 0, unless altered by the "nice" setting on the
@@ -2977,8 +2980,8 @@ http-request { allow | deny | tarpit | auth [realm <realm>] | redirect <rule> |
              about ACL usage.
 
 http-response { allow | deny | add-header <name> <fmt> | set-nice <nice> |
-                set-header <name> <fmt> | set-log-level <level> |
-                set-mark <mark> | set-tos <tos> }
+                set-header <name> <fmt> | del-header <name> |
+                set-log-level <level> | set-mark <mark> | set-tos <tos> }
               [ { if | unless } <condition> ]
   Access control for Layer 7 responses
 
@@ -3014,6 +3017,9 @@ http-response { allow | deny | add-header <name> <fmt> | set-nice <nice> |
       information to the server, where the header must not be manipulated by
       external users.
 
+    - "del-header" removes all HTTP header fields whose name is specified in
+      <name>.
+
     - "set-nice" sets the "nice" factor of the current request being processed.
       It only has effect against the other requests being processed at the same
       time. The default value is 0, unless altered by the "nice" setting on the

diff --git a/include/types/proto_http.h b/include/types/proto_http.h
index f3fc1fc0b779016dd3f7cb668c38703631cdd91a..53e9fb4e830725e556b78cc23e8b6da37efadcf3 100644 (file)
--- a/include/types/proto_http.h
+++ b/include/types/proto_http.h
@@ -246,6 +246,7 @@ enum {
        HTTP_REQ_ACT_AUTH,
        HTTP_REQ_ACT_ADD_HDR,
        HTTP_REQ_ACT_SET_HDR,
+       HTTP_REQ_ACT_DEL_HDR,
        HTTP_REQ_ACT_REDIR,
        HTTP_REQ_ACT_SET_NICE,
        HTTP_REQ_ACT_SET_LOGL,
@@ -261,6 +262,7 @@ enum {
        HTTP_RES_ACT_DENY,
        HTTP_RES_ACT_ADD_HDR,
        HTTP_RES_ACT_SET_HDR,
+       HTTP_RES_ACT_DEL_HDR,
        HTTP_RES_ACT_SET_NICE,
        HTTP_RES_ACT_SET_LOGL,
        HTTP_RES_ACT_SET_TOS,

diff --git a/src/proto_http.c b/src/proto_http.c
index 546b59eb502f3d06645c279fd0786b5a542d87b3..3a4b0702ea9298f4b06137d546ecf06298f70a6f 100644 (file)
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -3210,6 +3210,7 @@ http_req_get_intercept_rule(struct proxy *px, struct list *rules, struct session
                        s->logs.level = rule->arg.loglevel;
                        break;
 
+               case HTTP_REQ_ACT_DEL_HDR:
                case HTTP_REQ_ACT_SET_HDR:
                        ctx.idx = 0;
                        /* remove all occurrences of the header */
@@ -3217,6 +3218,8 @@ http_req_get_intercept_rule(struct proxy *px, struct list *rules, struct session
                                                 txn->req.chn->buf->p, &txn->hdr_idx, &ctx)) {
                                http_remove_header2(&txn->req, &txn->hdr_idx, &ctx);
                        }
+                       if (rule->action == HTTP_REQ_ACT_DEL_HDR)
+                               break;
                        /* now fall through to header addition */
 
                case HTTP_REQ_ACT_ADD_HDR:
@@ -3296,6 +3299,7 @@ http_res_get_intercept_rule(struct proxy *px, struct list *rules, struct session
                        s->logs.level = rule->arg.loglevel;
                        break;
 
+               case HTTP_RES_ACT_DEL_HDR:
                case HTTP_RES_ACT_SET_HDR:
                        ctx.idx = 0;
                        /* remove all occurrences of the header */
@@ -3303,6 +3307,8 @@ http_res_get_intercept_rule(struct proxy *px, struct list *rules, struct session
                                                 txn->rsp.chn->buf->p, &txn->hdr_idx, &ctx)) {
                                http_remove_header2(&txn->rsp, &txn->hdr_idx, &ctx);
                        }
+                       if (rule->action == HTTP_RES_ACT_DEL_HDR)
+                               break;
                        /* now fall through to header addition */
 
                case HTTP_RES_ACT_ADD_HDR:
@@ -8590,6 +8596,25 @@ struct http_req_rule *parse_http_req_cond(const char **args, const char *file, i
                proxy->conf.lfs_file = strdup(proxy->conf.args.file);
                proxy->conf.lfs_line = proxy->conf.args.line;
                cur_arg += 2;
+       } else if (strcmp(args[0], "del-header") == 0) {
+               rule->action = HTTP_REQ_ACT_DEL_HDR;
+               cur_arg = 1;
+
+               if (!*args[cur_arg] ||
+                   (*args[cur_arg+1] && strcmp(args[cur_arg+1], "if") != 0 && strcmp(args[cur_arg+1], "unless") != 0)) {
+                       Alert("parsing [%s:%d]: 'http-request %s' expects exactly 1 argument.\n",
+                             file, linenum, args[0]);
+                       goto out_err;
+               }
+
+               rule->arg.hdr_add.name = strdup(args[cur_arg]);
+               rule->arg.hdr_add.name_len = strlen(rule->arg.hdr_add.name);
+
+               proxy->conf.args.ctx = ARGC_HRQ;
+               free(proxy->conf.lfs_file);
+               proxy->conf.lfs_file = strdup(proxy->conf.args.file);
+               proxy->conf.lfs_line = proxy->conf.args.line;
+               cur_arg += 1;
        } else if (strcmp(args[0], "redirect") == 0) {
                struct redirect_rule *redir;
                char *errmsg = NULL;
@@ -8762,6 +8787,25 @@ struct http_res_rule *parse_http_res_cond(const char **args, const char *file, i
                proxy->conf.lfs_file = strdup(proxy->conf.args.file);
                proxy->conf.lfs_line = proxy->conf.args.line;
                cur_arg += 2;
+       } else if (strcmp(args[0], "del-header") == 0) {
+               rule->action = HTTP_RES_ACT_DEL_HDR;
+               cur_arg = 1;
+
+               if (!*args[cur_arg] ||
+                   (*args[cur_arg+1] && strcmp(args[cur_arg+1], "if") != 0 && strcmp(args[cur_arg+1], "unless") != 0)) {
+                       Alert("parsing [%s:%d]: 'http-response %s' expects exactly 1 argument.\n",
+                             file, linenum, args[0]);
+                       goto out_err;
+               }
+
+               rule->arg.hdr_add.name = strdup(args[cur_arg]);
+               rule->arg.hdr_add.name_len = strlen(rule->arg.hdr_add.name);
+
+               proxy->conf.args.ctx = ARGC_HRS;
+               free(proxy->conf.lfs_file);
+               proxy->conf.lfs_file = strdup(proxy->conf.args.file);
+               proxy->conf.lfs_line = proxy->conf.args.line;
+               cur_arg += 1;
        } else {
                Alert("parsing [%s:%d]: 'http-response' expects 'allow', 'deny', 'redirect', 'add-header', 'set-header', 'set-nice', 'set-tos', 'set-mark', 'set-log-level', but got '%s'%s.\n",
                      file, linenum, args[0], *args[0] ? "" : " (missing argument)");