Add separate SSE backend for secure Server-Sent Events support
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 52s
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 52s
Creates two backends per domain: 1. Regular backend - Uses http-server-close for better security and connection management (prevents connection exhaustion attacks) 2. SSE backend - Optimized for Server-Sent Events with: - no option http-server-close (allows long-lived connections) - option http-no-delay (immediate data transmission) - 6-hour timeouts (supports long streaming sessions) Frontend routing logic: - Detects SSE via Accept: text/event-stream header or ?action=stream param - Routes SSE traffic to SSE-optimized backend - Routes regular HTTP traffic to standard secure backend This approach provides full SSE support while maintaining security for regular HTTP traffic (preventing DDoS/connection flooding attacks). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -1,4 +1,13 @@
|
||||
|
||||
|
||||
#Subdomain method {{ domain }}
|
||||
acl {{ domain }}-acl hdr(host) -i {{ domain }}
|
||||
use_backend {{ name }}-backend if {{ domain }}-acl
|
||||
acl {{ name }}-acl hdr(host) -i {{ domain }}
|
||||
|
||||
# Detect Server-Sent Events (SSE) connections for {{ domain }}
|
||||
# SSE uses Accept: text/event-stream or ?action=stream query parameter
|
||||
acl {{ name }}-is-sse hdr(accept) -i -m sub text/event-stream
|
||||
acl {{ name }}-is-sse-url urlp(action) -i -m str stream
|
||||
|
||||
# Route SSE traffic to SSE-optimized backend, regular traffic to standard backend
|
||||
use_backend {{ name }}-sse-backend if {{ name }}-acl {{ name }}-is-sse
|
||||
use_backend {{ name }}-sse-backend if {{ name }}-acl {{ name }}-is-sse-url
|
||||
use_backend {{ name }}-backend if {{ name }}-acl
|
||||
|
||||
Reference in New Issue
Block a user