我正在尝试向定向到特定端口的响应添加一些安全标头。我有以下配置的前端:
frontend desenv_ext_1
bind *:80
bind *:443 ssl crt /etc/ssl/certs/cert.pem
mode http
option tcplog
default_backend desenv_1
timeout client 5m
#ACL to new attempt
acl header_c dst_port 80
#Attempt with no ACL
http-response set-header X-Frame-Options SAMEORIGIN
#Attempt with ssl ACL
http-response set-header Strict-Transport-Security max-age=31535400;\ includeSubDomains;\ preload; if {ssl_fc}
http-response add-header Referrer-Policy no-referrer if !{ ssl_fc }
#Attempt with header_c ACL
http-response set-header X-Content-Type-Options nosniff if header_c
http-response add-header X-XSS-Protection 1;\ mode=block if header_c
#Attempt with rspadd
rspadd X-Backen-Serve\ laranja if header_c …
Run Code Online (Sandbox Code Playgroud)