Fortinet black logo

CLI Reference

web-proxy profile

Configure web proxy profiles.

  config web-proxy profile
      Description: Configure web proxy profiles.
      edit <name>
          set header-client-ip [pass|add|...]
          set header-via-request [pass|add|...]
          set header-via-response [pass|add|...]
          set header-x-forwarded-for [pass|add|...]
          set header-front-end-https [pass|add|...]
          set header-x-authenticated-user [pass|add|...]
          set header-x-authenticated-groups [pass|add|...]
          set strip-encoding [enable|disable]
          set log-header-change [enable|disable]
          config headers
              Description: Configure HTTP forwarded requests headers.
              edit <id>
                  set name {string}
                  set dstaddr <name1>, <name2>, ...
                  set dstaddr6 <name1>, <name2>, ...
                  set action [add-to-request|add-to-response|...]
                  set content {string}
                  set base64-encoding [disable|enable]
                  set add-option [append|new-on-not-found|...]
                  set protocol {option1}, {option2}, ...
              next
          end
      next
  end

config web-proxy profile

Parameter Name Description Type Size
header-client-ip Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-via-request Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-via-response Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-x-forwarded-for Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-front-end-https Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-x-authenticated-user Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-x-authenticated-groups Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
strip-encoding Enable/disable stripping unsupported encoding from the request header.
enable: Enable stripping of unsupported encoding from the request header.
disable: Disable stripping of unsupported encoding from the request header.
option -
log-header-change Enable/disable logging HTTP header changes.
enable: Enable Enable/disable logging HTTP header changes.
disable: Disable Enable/disable logging HTTP header changes.
option -

config headers

Parameter Name Description Type Size
name HTTP forwarded header name. string Maximum length: 79
dstaddr <name> Destination address and address group names.
Address name.
string Maximum length: 79
dstaddr6 <name> Destination address and address group names (IPv6).
Address name.
string Maximum length: 79
action Action when the HTTP header is forwarded.
add-to-request: Add the HTTP header to request.
add-to-response: Add the HTTP header to response.
remove-from-request: Remove the HTTP header from request.
remove-from-response: Remove the HTTP header from response.
option -
content HTTP header content. string Maximum length: 255
base64-encoding Enable/disable use of base64 encoding of HTTP content.
disable: Disable use of base64 encoding of HTTP content.
enable: Enable use of base64 encoding of HTTP content.
option -
add-option Configure options to append content to existing HTTP header or add new HTTP header.
append: Append content to existing HTTP header or create new header if HTTP header is not found.
new-on-not-found: Create new header only if existing HTTP header is not found.
new: Create new header regardless if existing HTTP header is found or not.
option -
protocol Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both).
https: Perform add-option action on HTTPS.
http: Perform add-option action on HTTP.
option -

Configure web proxy profiles.

  config web-proxy profile
      Description: Configure web proxy profiles.
      edit <name>
          set header-client-ip [pass|add|...]
          set header-via-request [pass|add|...]
          set header-via-response [pass|add|...]
          set header-x-forwarded-for [pass|add|...]
          set header-front-end-https [pass|add|...]
          set header-x-authenticated-user [pass|add|...]
          set header-x-authenticated-groups [pass|add|...]
          set strip-encoding [enable|disable]
          set log-header-change [enable|disable]
          config headers
              Description: Configure HTTP forwarded requests headers.
              edit <id>
                  set name {string}
                  set dstaddr <name1>, <name2>, ...
                  set dstaddr6 <name1>, <name2>, ...
                  set action [add-to-request|add-to-response|...]
                  set content {string}
                  set base64-encoding [disable|enable]
                  set add-option [append|new-on-not-found|...]
                  set protocol {option1}, {option2}, ...
              next
          end
      next
  end

config web-proxy profile

Parameter Name Description Type Size
header-client-ip Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-via-request Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-via-response Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-x-forwarded-for Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-front-end-https Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-x-authenticated-user Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
header-x-authenticated-groups Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
pass: Forward the same HTTP header.
add: Add the HTTP header.
remove: Remove the HTTP header.
option -
strip-encoding Enable/disable stripping unsupported encoding from the request header.
enable: Enable stripping of unsupported encoding from the request header.
disable: Disable stripping of unsupported encoding from the request header.
option -
log-header-change Enable/disable logging HTTP header changes.
enable: Enable Enable/disable logging HTTP header changes.
disable: Disable Enable/disable logging HTTP header changes.
option -

config headers

Parameter Name Description Type Size
name HTTP forwarded header name. string Maximum length: 79
dstaddr <name> Destination address and address group names.
Address name.
string Maximum length: 79
dstaddr6 <name> Destination address and address group names (IPv6).
Address name.
string Maximum length: 79
action Action when the HTTP header is forwarded.
add-to-request: Add the HTTP header to request.
add-to-response: Add the HTTP header to response.
remove-from-request: Remove the HTTP header from request.
remove-from-response: Remove the HTTP header from response.
option -
content HTTP header content. string Maximum length: 255
base64-encoding Enable/disable use of base64 encoding of HTTP content.
disable: Disable use of base64 encoding of HTTP content.
enable: Enable use of base64 encoding of HTTP content.
option -
add-option Configure options to append content to existing HTTP header or add new HTTP header.
append: Append content to existing HTTP header or create new header if HTTP header is not found.
new-on-not-found: Create new header only if existing HTTP header is not found.
new: Create new header regardless if existing HTTP header is found or not.
option -
protocol Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both).
https: Perform add-option action on HTTPS.
http: Perform add-option action on HTTP.
option -