I am curious how I am supposed to overwrite
headers middleware in a specific router. My case is that I have attached to the default entry-point sitting on port 443 security headers to block indexing.. However I would like couple sites to be indexed. It would make sense to create another shared middleware which will be overwriting the default one attached to the 443 entrypoint..
My configuration is as follows:
entryPoints: websecure: address: ':443' http: tls: certResolver: default domains: - main: example.com middlewares: - private-headers@file
### SECURITY private-headers: headers: accessControlAllowMethods: - GET - OPTIONS - PUT accessControlMaxAge: 100 hostsProxyHeaders: - X-Forwarded-Host stsSeconds: 63072000 stsIncludeSubdomains: true stsPreload: true forceSTSHeader: true frameDeny: false contentTypeNosniff: true browserXssFilter: true referrerPolicy: same-origin permissionsPolicy: "camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none'; vr 'none';" customResponseHeaders: X-Robots-Tag: "none,noindex,nofollow,noarchive,nosnippet,notranslate,noimageindex" server: "" ### PUBLIC SITES public-headers: headers: permissionsPolicy: "*" customResponseHeaders: X-Robots-Tag: "" server: ""
So entrypoint is using
private-headers but let them be overwritten in the router via other middleware
http: routers: forum.example.com: entryPoints: - websecure rule: Host(`forum.example.com`) service: forum.example.com middlewares: - public-headers services: forum.example.com: loadBalancer: passHostHeader: true servers: - url: 'http://192.168.255.11:59111'
Current result is as follows:
You can see that it is not overwriting even if the public headers are listed as second.. Obviously I cant create another entrypoint due to port conflict and letsencrypt configuration.. To me it seems that the most convenient solution is to have router middleware overwrite those in entrypoint.. If anybody has some suggestion how my scenario could be implemented, I will be much of a help. Thanks.