From f8b42925609e94c90af0af9dd496e6397363e2d4 Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Thu, 4 Mar 2021 18:41:14 +0100 Subject: [PATCH] DOC: fix originalto except clause on destination address Fix the description of the except clause of the originalto option. The destination address and not the source is compared with the except range address to prevent the addition of the X-Original-To header. This can be backported in every releases. --- doc/configuration.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index e6dce4109..4315fb7a8 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -8770,10 +8770,11 @@ option originalto [ except ] [ header ] Sometimes, a same HAProxy instance may be shared between a direct client access and a reverse-proxy access (for instance when an SSL reverse-proxy is used to decrypt HTTPS traffic). It is possible to disable the addition of the - header for a known source address or network by adding the "except" keyword - followed by the network address. In this case, any source IP matching the - network will not cause an addition of this header. Most common uses are with - private networks or 127.0.0.1. IPv4 and IPv6 are both supported. + header for a known destination address or network by adding the "except" + keyword followed by the network address. In this case, any destination IP + matching the network will not cause an addition of this header. Most common + uses are with private networks or 127.0.0.1. IPv4 and IPv6 are both + supported. This option may be specified either in the frontend or in the backend. If at least one of them uses it, the header will be added. Note that the backend's