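frontend localnodes
    # Plain-HTTP listener. The shared backend redirects every non-TLS request
    # to HTTPS, so requests arriving here are upgraded rather than served.
    bind *:80
    # set-header replaces any X-Forwarded-Proto the client sent, so the scheme
    # the apps see cannot be spoofed by the caller (reqadd only appended).
    # reqadd/rspadd were removed in HAProxy 2.1; the http-request and
    # http-response rules used below are available from 1.5 onwards.
    http-request set-header X-Forwarded-Proto http
    # Capture the Origin request header into slot 0 (at most 128 characters;
    # a longer value is truncated and will no longer match the caller's origin).
    capture request header origin len 128
    # NOTE(review): this ACL matches ANY Origin value. Echoing an arbitrary
    # origin together with Access-Control-Allow-Credentials: true lets every
    # website read authenticated responses on behalf of a logged-in user.
    # Restrict it to the origins you actually trust by replacing the line
    # below with explicit matches, e.g. (placeholder origin):
    #   acl cors_origin_allowed capture.req.hdr(0) -m str https://app.example.com
    acl cors_origin_allowed capture.req.hdr(0) -m found
    # set-header (instead of add-header) avoids duplicate CORS headers when an
    # app server already emits its own; browsers reject a duplicated
    # Access-Control-Allow-Origin.
    http-response set-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if cors_origin_allowed
    http-response set-header Access-Control-Allow-Methods GET,\ HEAD,\ OPTIONS,\ POST,\ PUT if cors_origin_allowed
    http-response set-header Access-Control-Allow-Credentials true if cors_origin_allowed
    http-response set-header Access-Control-Allow-Headers Origin,\ Accept,\ X-Requested-With,\ Content-Type,\ Access-Control-Request-Method,\ Access-Control-Request-Headers,\ Authorization if cors_origin_allowed
    # The response now depends on the Origin request header; tell caches so a
    # response built for one origin is never replayed to another.
    http-response add-header Vary Origin
    default_backend backend_apps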
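frontend localnodes-https
    # TLS listener; the PEM file holds the certificate presented on port 443.
    bind *:443 ssl crt /etc/ssl/private/domain_com.pem
    # set-header replaces any X-Forwarded-Proto the client sent, so the scheme
    # the apps see cannot be spoofed by the caller (reqadd only appended).
    # reqadd/rspadd were removed in HAProxy 2.1; the http-request and
    # http-response rules used below are available from 1.5 onwards.
    http-request set-header X-Forwarded-Proto https
    # Capture the Origin request header into slot 0 (at most 128 characters;
    # a longer value is truncated and will no longer match the caller's origin).
    capture request header origin len 128
    # NOTE(review): this ACL matches ANY Origin value. Echoing an arbitrary
    # origin together with Access-Control-Allow-Credentials: true lets every
    # website read authenticated responses on behalf of a logged-in user.
    # Restrict it to the origins you actually trust by replacing the line
    # below with explicit matches, e.g. (placeholder origin):
    #   acl cors_origin_allowed capture.req.hdr(0) -m str https://app.example.com
    acl cors_origin_allowed capture.req.hdr(0) -m found
    # set-header (instead of add-header) avoids duplicate CORS headers when an
    # app server already emits its own; browsers reject a duplicated
    # Access-Control-Allow-Origin.
    http-response set-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if cors_origin_allowed
    http-response set-header Access-Control-Allow-Methods GET,\ HEAD,\ OPTIONS,\ POST,\ PUT if cors_origin_allowed
    http-response set-header Access-Control-Allow-Credentials true if cors_origin_allowed
    http-response set-header Access-Control-Allow-Headers Origin,\ Accept,\ X-Requested-With,\ Content-Type,\ Access-Control-Request-Method,\ Access-Control-Request-Headers,\ Authorization if cors_origin_allowed
    # The response now depends on the Origin request header; tell caches so a
    # response built for one origin is never replayed to another.
    http-response add-header Vary Origin
    default_backend backend_apps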
        
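backend backend_apps
    # Shared pool for both frontends. Requests that did not arrive over TLS
    # are redirected to HTTPS; only TLS requests reach the app servers.
    # Tell the apps which listener port the client connected to.
    http-request set-header X-Forwarded-Port %[dst_port]
    # set-header rather than add-header: the frontends already supply
    # X-Forwarded-Proto, and appending a second copy would leave the apps with
    # a duplicated header to interpret.
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
    # Force HTTPS: ssl_fc is true only when the client connection used TLS.
    redirect scheme https if !{ ssl_fc }
    # App servers are reached over plain HTTP on port 80 (no "ssl" keyword), so
    # the hop between HAProxy and the apps is unencrypted; keep it on a trusted
    # network segment. "check" enables health checks for each server.
    server App1 192.168.1.201:80 check
    server App2 192.168.1.202:80 check
    server App3 192.168.1.203:80 check
    server App4 192.168.1.204:80 check
    server App5 192.168.1.205:80 check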
    Setting Up CORS in HAProxy
  
        I need this type of configuration for HAProxy version 2.4.12-4b7772e 2022/01/11.
The configuration above works for me on HAProxy versions 1.5 and 1.8,
but after upgrading HAProxy to 2.4 it no longer works.
@akshatkalkhanda , might be a little late, but:
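    # CORS and security response headers written with http-response rules
    # only, for HAProxy releases where rspadd/reqadd no longer exist.
    # Capture the Origin request header into slot 0 (at most 128 characters).
    capture request header origin len 128
    # NOTE(review): the condition below is true for ANY Origin value, so every
    # origin is echoed back together with Allow-Credentials: true. That lets
    # any website read authenticated responses; gate these rules on an ACL
    # listing the trusted origins instead, e.g. (placeholder origin):
    #   acl cors_origin_allowed capture.req.hdr(0) -m str https://app.example.com
    http-response set-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }
    http-response set-header Access-Control-Allow-Headers "Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization" if { capture.req.hdr(0) -m found }
    http-response set-header Access-Control-Allow-Methods "GET, HEAD, OPTIONS, POST, PUT" if { capture.req.hdr(0) -m found }
    http-response set-header Access-Control-Allow-Credentials true if { capture.req.hdr(0) -m found }
    # The response depends on the Origin request header; tell caches so a
    # response built for one origin is never replayed to another.
    http-response add-header Vary Origin
    # HSTS is only meaningful over TLS, hence the ssl_fc condition.
    http-response set-header Strict-Transport-Security max-age=15768000 if { ssl_fc }
    http-response set-header X-Frame-Options "SAMEORIGIN"
    # Legacy header: current browsers have dropped the XSS auditor it controls,
    # so it adds no protection there; rely on a Content-Security-Policy instead.
    http-response set-header X-Xss-Protection "1; mode=block"
    http-response set-header X-Content-Type-Options "nosniff"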
  
  
            
Using the above configuration, we are getting the error below.
We are using this configuration in HAProxy.