HAProxy - Redirect scheme to HTTPS by keeping the same HTTP method (POST)

Question

I'm using HAProxy 1.6

I'm forcing https usage. Therefore in my backend I'm redirecting http to https. For that I'm using the following code:

backend my-app-name
    redirect scheme https if !{ ssl_fc }
    [...]

This is working well but if my http request is done using POST Method it seems that redirect scheme will change the method to GET.

I saw that in the documentation of HAProxy concerning HTTP redirection we can change the HTTP code to 308. But I cannot change the behavior of my current application.

How can I redirect to https using HAProxy and keeping my original HTTP Method?

Answer 1

as you almost said, you could do the following:

backend my-app-name
       redirect scheme https code 308 if !{ ssl_fc }

haproxy will return 308 (instead of 302). I am not sure how your application is involved. If its sits behind haproxy it will never notice the first non-https requests. And for example, any browser will do a second request via https and the same HTTP verb, i.e. keeping the POST.

Answer 2

Redirects

Use the http-request redirect configuration directive to reroute HTTP traffic. These send back an HTTP redirect response to the client and then the client makes a new request to the new resource. When performing a redirection, HAProxy Enterprise responds directly to the client; it does not forward any traffic to the server.

You can specify the HTTP status code to return by setting the code parameter. Use any of the following:

Code   Meaning

---

301    Permanent move

302    Temporary move should not be cached by the client. This is the default value if no code is configured

303    Similar to 302, but the browser must fetch the new location using a GET

307    Similar to 302, but the browser must reuse the same method as the one from the original request

308    Similar to 301, but the browser must reuse the same method as the one from the original request