summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2022-02-25 16:08:22 +0000
committerGerrit Code Review <gerrit@onap.org>2022-02-25 16:08:22 +0000
commitbb9d70c496576889ae936e153007b984ffea5a26 (patch)
treeb043cbea3948000d6618da5dd634ac3bfeed4664 /kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
parent2d427a36b97bb58c1f58fae191c7fbaad5e207f2 (diff)
parentc1aa75883eda55ab5e68cc60ba7d68ec27d1d126 (diff)
Merge "[AAI] Request blocking enhancement for AAI"
Diffstat (limited to 'kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg')
-rw-r--r--kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg9
1 files changed, 9 insertions, 0 deletions
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
index 9fa6d2ee9b..6e7acef17f 100644
--- a/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy-pluggable-security.cfg
@@ -88,6 +88,15 @@ frontend IST_8443
http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)]
http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)]
http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)]
+#######################################
+## Request blocking configuration ###
+#######################################
+ {{- if eq $.Values.haproxy.requestBlocking.enabled true }}
+ {{- range $custom_config := $.Values.haproxy.requestBlocking.customConfigs }}
+ {{ $custom_config }}
+ {{- end }}
+ {{- end }}
+
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Port:\ 8443