configs/remap.config.default - trafficserver - Git at Google

 #
 # remap.config - URL Remapping Config File
 #
 # Documentation:
 #    https://docs.trafficserver.apache.org/en/latest/admin-guide/files/remap.config.en.html
 #
 # Using remap.config allows you to accomplish two things:
 #
 #  1) Rewrite a URL (from the client) before sending it to the Origin Server.
 #  2) Protect the proxy server, to only allow certain requests.
 #
 #  With the default configurations, at least one remap rule is required. This
 #  can be relaxed with the following configuration in records.config:
 #
 #   CONFIG proxy.config.url_remap.remap_required INT 0
 #
 # Be aware, doing so makes the proxy a generic, open-relay!
 #
 #  The format is:
 #      <map_type> client-URL origin-server-URL <tag_value> <filtering>
 #
 # Where client-URL and origin-server-URL are both of the format
 #    <scheme>://<host>:<port>/<path_prefix>
 #
 #  The <tag_value> directive is optional and can be different for different
 #  types of <map_type>. The <filtering arguments> are optional ACL-like
 #  arguments unique for each remap rule
 #
 #  Six different types of mappings are possible:
 #     map
 #     map_with_referer
 #     map_with_recv_port
 #     reverse_map
 #     redirect
 #     redirect_temporary
 #
 #  Each of these map types can be prefixed with the string 'regex_' to indicate
 #  that the rule will have regular expression strings. See the last part of
 #  this description for more information on regex support.
 #
 #  The 'map' mapping is the most straightforward.  Requests that match the
 #  client-URL are rewritten into the origin-server-URL. The user agent will see
 #  the page on the remapped URL, but will not be notified of the address
 #  change.
 #
 #  The 'map_with_referer' is an extended version of 'map', which can be used to
 #  activate the so-called "deep linking protection" feature available in
 #  Apache Traffic Server.
 #
 #  The 'map_with_recv_port' is exactly like 'map' except that it uses the port
 #  at which the request was received to perform the mapping instead of the port
 #  present in the request. When present, 'map_with_recv_port' mappings are
 #  checked first. If there is a match, then it is chosen without evaluating the
 #  "regular" forward mapping rules.
 #
 #  The 'reverse_map' mapping is used to rewrite location headers sent by the
 #  origin server.  The 'redirect' mapping creates a permanent redirect message
 #  and informs the browser of the URL change.
 #
 #  The 'redirect_temporary' mapping acts in the same way but tells the browser
 #  that this redirect is only temporary.  We need to map the URL in reverse
 #  proxy mode so that user agents know to contact Traffic Server and not
 #  attempt to contact the Origin Server directly.
 #
 #  For example, you can set up a reverse proxy for www.example.com with the
 #  real content situated at server1.example.com with the rules:
 #
 #    map          http://www.example.com/      http://server1.example.com/
 #    reverse_map  http://server1.example.com/  http://www.example.com/
 #
 #  Or you could permanently redirect users trying to access www.oldserver.com
 #  to www.newserver.com with the following rule:
 #
 #    redirect	http://www.oldserver.com/    http://www.newserver.com
 #
 #  If the redirect is only temporary, you want to only temporarily remap the
 #  URL.  You could use the following rule to divert users away from a failed
 #  server:
 #
 #  redirect_temporary http://broken.firm.com http://working.firm.com
 #
 #  In order to use "deep linking protection" Traffic Server's feature, the
 #  'map_with_referer' mapping scheme must be used. In general, the format of is
 #  the following:
 #
 #     map_with_referer client-URL origin-server-URL redirect-URL regex1 [regex2 ...]
 #
 #  'redirect-URL' is a redirection URL specified according to RFC 2616 and can
 #  contain special formatting instructions for run-time modifications of the
 #  resulting redirection URL.  All regexes Perl compatible  regular expressions,
 #  which describes the content of the "Referer" header which must be
 #  verified. In case an actual request does not have "Referer" header or it
 #  does not match with referer regular expression, the HTTP request will be
 #  redirected to 'redirect-URL'.
 #
 #  At least one regular expressions must be specified in order to activate
 #  'deep linking protection'.  There are limitations for the number of referer
 #  regular expression strings - 2048.  In order to enable the 'deep linking
 #  protection' feature in Traffic Server, configure records.config with:
 #
 #    CONFIG proxy.config.http.referer_filter INT 1
 #
 #  In order to enable run-time formatting for redirect0URL, configure
 #
 #    CONFIG proxy.config.http.referer_format_redirect INT 1
 #
 #  When run-time formatting for redirect-URL was enabled the following format
 #  symbols can be used:
 #
 #    %r - to substitute original "Referer" header string
 #    %f - to substitute client-URL from 'map_with_referer' record
 #    %t - to substitute origin-server-URL from 'map_with_referer' record
 #    %o - to substitute request URL to origin server, which was created a
 #         the result of a mapping operation
 #
 #  Note: There is a special referer type "~*" that can be used in order to
 #  specify that the Referer header is optional in the request.  If "~*" referer
 #  was used in map_with_referer mapping, only requests with Referer header will
 #  be verified for validity.  If the "~" symbol was specified before referer
 #  regular expression, it means that the request with a matching referer header
 #  will be redirected to redirectURL. It can be used to create a so-called
 #  negative referer list.  If "*" was used as a referer regular expression -
 #  all referers are allowed.  Various combinations of "*" and "~" in a referer
 #  list can be used to create different filtering rules.
 #
 #  Examples:
 #    map_with_referer http://y.foo.bar.com/x/yy/  http://foo.bar.com/x/yy/ http://games.bar.com/new_games .*\.bar\.com www.bar-friends.com
 #
 #  Explanation: Referer header must be in the request, only ".*\.bar\.com"
 #  and "www.bar-friends.com" are allowed.
 #
 #    map_with_referer http://y.foo.bar.com/x/yy/  http://foo.bar.com/x/yy/ http://games.bar.com/new_games * ~.*\.evil\.com
 #
 #  Explanation: Referer header must be in the request but all referers are
 #  allowed except ".*\.evil\.com".
 #
 #    map_with_referer http://y.foo.bar.com/x/yy/  http://foo.bar.com/x/yy/ http://games.bar.com/error ~* * ~.*\.evil\.com
 #
 #  Explanation: Referer header is optional. However, if Referer header exists,
 #  only request from ".*\.evil\.com" will be redirected to redirect-URL.
 #
 #  There are optional filtering arguments that can be specified at the end of the mapping definition line:
 #
 #    @action=allow|deny
 #    @src_ip=IP-address
 #    @method=HTTP method string (CONNECT|DELETE|GET|HEAD|OPTIONS|POST|PURGE|PUT|TRACE|PUSH)
 #    @plugin=<plugin_path>
 #    @pparam=<plugin_param>
 #
 #  There is no limitation for the number of filtering arguments.
 #
 #  Example:
 #    map http://foo.cow.com/ http://bar.cow.com @src_ip=10.72.118.51-10.72.118.62 @method=GET @method=DELETE @src_ip=192.168.0.1-192.168.0.254 @action=allow @method=PUT
 #
 #  Traffic Server supports WebSockets but it must be enabled via remap. WebSocket upgrades are automatically
 #  detected when there exists a remap rule containing a ws:// scheme.
 #
 #  Example:
 #     map ws://bar.com/ ws://foo.com/
 #
 #  Explanation: When a request comes in with the appropriate upgrade headers, Traffic Server will use this
 #   remap rule in an attempt to establish and maintain a websocket connection.
 #
 #  Named filters can be created and applied to blocks of mappings
 #  using the .definefilter, .activatefilter, and .deactivatefilter
 #  directives. Named filters must be defined using .definefilter
 #  before being used. Once defined, .activatefilter can used to
 #  activate a filter for all mappings that follow until deactivated
 #  with .deactivatefilter.
 #
 #  Example:
 #    .definefilter disable_delete_purge @action=deny @method=delete @method=purge
 #    .definefilter internal_only @action=allow @src_ip=192.168.0.1-192.168.0.254 @src_ip=10.0.0.1-10.0.0.254
 #
 #    .activatefilter disable_delete_purge
 #
 #    map http://foo.example.com/ http://bar.example.com/
 #
 #    .activatefilter internal_only
 #    map http://www.example.com/admin http://internal.example.com/admin
 #    .deactivatefilter internal_only
 #
 #    map http://www.example.com/ http://internal.example.com/
 #
 #
 #  Regex support: Regular expressions can be specified in the rules with the
 #  following limitations:
 #
 #  1) Only the host field can have regexes - the scheme, port and other
 #     fields cannot.
 #  2) The number of capturing sub-patterns is limited to 9;
 #     this means $0 through $9 can be used as substitution place holders ($0
 #     will be the entire input string)
 #  3) The number of substitutions in the expansion string is limited to 10.
 #
	#
	# remap.config - URL Remapping Config File
	#
	# Documentation:
	# https://docs.trafficserver.apache.org/en/latest/admin-guide/files/remap.config.en.html
	#
	# Using remap.config allows you to accomplish two things:
	#
	# 1) Rewrite a URL (from the client) before sending it to the Origin Server.
	# 2) Protect the proxy server, to only allow certain requests.
	#
	# With the default configurations, at least one remap rule is required. This
	# can be relaxed with the following configuration in records.config:
	#
	# CONFIG proxy.config.url_remap.remap_required INT 0
	#
	# Be aware, doing so makes the proxy a generic, open-relay!
	#
	# The format is:
	# <map_type> client-URL origin-server-URL <tag_value> <filtering>
	#
	# Where client-URL and origin-server-URL are both of the format
	# <scheme>://<host>:<port>/<path_prefix>
	#
	# The <tag_value> directive is optional and can be different for different
	# types of <map_type>. The <filtering arguments> are optional ACL-like
	# arguments unique for each remap rule
	#
	# Six different types of mappings are possible:
	# map
	# map_with_referer
	# map_with_recv_port
	# reverse_map
	# redirect
	# redirect_temporary
	#
	# Each of these map types can be prefixed with the string 'regex_' to indicate
	# that the rule will have regular expression strings. See the last part of
	# this description for more information on regex support.
	#
	# The 'map' mapping is the most straightforward. Requests that match the
	# client-URL are rewritten into the origin-server-URL. The user agent will see
	# the page on the remapped URL, but will not be notified of the address
	# change.
	#
	# The 'map_with_referer' is an extended version of 'map', which can be used to
	# activate the so-called "deep linking protection" feature available in
	# Apache Traffic Server.
	#
	# The 'map_with_recv_port' is exactly like 'map' except that it uses the port
	# at which the request was received to perform the mapping instead of the port
	# present in the request. When present, 'map_with_recv_port' mappings are
	# checked first. If there is a match, then it is chosen without evaluating the
	# "regular" forward mapping rules.
	#
	# The 'reverse_map' mapping is used to rewrite location headers sent by the
	# origin server. The 'redirect' mapping creates a permanent redirect message
	# and informs the browser of the URL change.
	#
	# The 'redirect_temporary' mapping acts in the same way but tells the browser
	# that this redirect is only temporary. We need to map the URL in reverse
	# proxy mode so that user agents know to contact Traffic Server and not
	# attempt to contact the Origin Server directly.
	#
	# For example, you can set up a reverse proxy for www.example.com with the
	# real content situated at server1.example.com with the rules:
	#
	# map http://www.example.com/ http://server1.example.com/
	# reverse_map http://server1.example.com/ http://www.example.com/
	#
	# Or you could permanently redirect users trying to access www.oldserver.com
	# to www.newserver.com with the following rule:
	#
	# redirect http://www.oldserver.com/ http://www.newserver.com
	#
	# If the redirect is only temporary, you want to only temporarily remap the
	# URL. You could use the following rule to divert users away from a failed
	# server:
	#
	# redirect_temporary http://broken.firm.com http://working.firm.com
	#
	# In order to use "deep linking protection" Traffic Server's feature, the
	# 'map_with_referer' mapping scheme must be used. In general, the format of is
	# the following:
	#
	# map_with_referer client-URL origin-server-URL redirect-URL regex1 [regex2 ...]
	#
	# 'redirect-URL' is a redirection URL specified according to RFC 2616 and can
	# contain special formatting instructions for run-time modifications of the
	# resulting redirection URL. All regexes Perl compatible regular expressions,
	# which describes the content of the "Referer" header which must be
	# verified. In case an actual request does not have "Referer" header or it
	# does not match with referer regular expression, the HTTP request will be
	# redirected to 'redirect-URL'.
	#
	# At least one regular expressions must be specified in order to activate
	# 'deep linking protection'. There are limitations for the number of referer
	# regular expression strings - 2048. In order to enable the 'deep linking
	# protection' feature in Traffic Server, configure records.config with:
	#
	# CONFIG proxy.config.http.referer_filter INT 1
	#
	# In order to enable run-time formatting for redirect0URL, configure
	#
	# CONFIG proxy.config.http.referer_format_redirect INT 1
	#
	# When run-time formatting for redirect-URL was enabled the following format
	# symbols can be used:
	#
	# %r - to substitute original "Referer" header string
	# %f - to substitute client-URL from 'map_with_referer' record
	# %t - to substitute origin-server-URL from 'map_with_referer' record
	# %o - to substitute request URL to origin server, which was created a
	# the result of a mapping operation
	#
	# Note: There is a special referer type "~*" that can be used in order to
	# specify that the Referer header is optional in the request. If "~*" referer
	# was used in map_with_referer mapping, only requests with Referer header will
	# be verified for validity. If the "~" symbol was specified before referer
	# regular expression, it means that the request with a matching referer header
	# will be redirected to redirectURL. It can be used to create a so-called
	# negative referer list. If "*" was used as a referer regular expression -
	# all referers are allowed. Various combinations of "*" and "~" in a referer
	# list can be used to create different filtering rules.
	#
	# Examples:
	# map_with_referer http://y.foo.bar.com/x/yy/ http://foo.bar.com/x/yy/ http://games.bar.com/new_games .*\.bar\.com www.bar-friends.com
	#
	# Explanation: Referer header must be in the request, only ".*\.bar\.com"
	# and "www.bar-friends.com" are allowed.
	#
	# map_with_referer http://y.foo.bar.com/x/yy/ http://foo.bar.com/x/yy/ http://games.bar.com/new_games * ~.*\.evil\.com
	#
	# Explanation: Referer header must be in the request but all referers are
	# allowed except ".*\.evil\.com".
	#
	# map_with_referer http://y.foo.bar.com/x/yy/ http://foo.bar.com/x/yy/ http://games.bar.com/error ~* * ~.*\.evil\.com
	#
	# Explanation: Referer header is optional. However, if Referer header exists,
	# only request from ".*\.evil\.com" will be redirected to redirect-URL.
	#
	# There are optional filtering arguments that can be specified at the end of the mapping definition line:
	#
	# @action=allow\|deny
	# @src_ip=IP-address
	# @method=HTTP method string (CONNECT\|DELETE\|GET\|HEAD\|OPTIONS\|POST\|PURGE\|PUT\|TRACE\|PUSH)
	# @plugin=<plugin_path>
	# @pparam=<plugin_param>
	#
	# There is no limitation for the number of filtering arguments.
	#
	# Example:
	# map http://foo.cow.com/ http://bar.cow.com @src_ip=10.72.118.51-10.72.118.62 @method=GET @method=DELETE @src_ip=192.168.0.1-192.168.0.254 @action=allow @method=PUT
	#
	# Traffic Server supports WebSockets but it must be enabled via remap. WebSocket upgrades are automatically
	# detected when there exists a remap rule containing a ws:// scheme.
	#
	# Example:
	# map ws://bar.com/ ws://foo.com/
	#
	# Explanation: When a request comes in with the appropriate upgrade headers, Traffic Server will use this
	# remap rule in an attempt to establish and maintain a websocket connection.
	#
	# Named filters can be created and applied to blocks of mappings
	# using the .definefilter, .activatefilter, and .deactivatefilter
	# directives. Named filters must be defined using .definefilter
	# before being used. Once defined, .activatefilter can used to
	# activate a filter for all mappings that follow until deactivated
	# with .deactivatefilter.
	#
	# Example:
	# .definefilter disable_delete_purge @action=deny @method=delete @method=purge
	# .definefilter internal_only @action=allow @src_ip=192.168.0.1-192.168.0.254 @src_ip=10.0.0.1-10.0.0.254
	#
	# .activatefilter disable_delete_purge
	#
	# map http://foo.example.com/ http://bar.example.com/
	#
	# .activatefilter internal_only
	# map http://www.example.com/admin http://internal.example.com/admin
	# .deactivatefilter internal_only
	#
	# map http://www.example.com/ http://internal.example.com/
	#
	#
	# Regex support: Regular expressions can be specified in the rules with the
	# following limitations:
	#
	# 1) Only the host field can have regexes - the scheme, port and other
	# fields cannot.
	# 2) The number of capturing sub-patterns is limited to 9;
	# this means $0 through $9 can be used as substitution place holders ($0
	# will be the entire input string)
	# 3) The number of substitutions in the expansion string is limited to 10.
	#