Fortinet white logo
Fortinet white logo

CLI Reference

config web-proxy profile

config web-proxy profile

Configure web proxy profiles.

config web-proxy profile
    Description: Configure web proxy profiles.
    edit <name>
        set max-cache-object-size {integer}
        set header-client-ip [pass|add|...]
        set header-via-request [pass|add|...]
        set header-via-response [pass|add|...]
        set header-x-forwarded-for [pass|add|...]
        set header-x-forwarded-client-cert [pass|add|...]
        set header-front-end-https [pass|add|...]
        set header-x-authenticated-user [pass|add|...]
        set header-x-authenticated-groups [pass|add|...]
        set strip-encoding [enable|disable]
        set log-header-change [enable|disable]
        config headers
            Description: Configure HTTP forwarded requests headers.
            edit <id>
                set name {string}
                set dstaddr <name1>, <name2>, ...
                set dstaddr6 <name1>, <name2>, ...
                set action [add-to-request|add-to-response|...]
                set content {string}
                set base64-encoding [disable|enable]
                set add-option [append|new-on-not-found|...]
                set protocol {option1}, {option2}, ...
            next
        end
    next
end

config web-proxy profile

Parameter

Description

Type

Size

Default

name

Profile name.

string

Maximum length: 63

max-cache-object-size

Maximum cacheable object size in KB. When the value is set to 0, the max cache object size will be max-object-size under webcache settings.

integer

Minimum value: 0 Maximum value: 3984384

0

header-client-ip

Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-via-request

Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-via-response

Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-forwarded-for

Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-forwarded-client-cert

Action to take on the HTTP x-forwarded-client-cert header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-front-end-https

Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-authenticated-user

Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-authenticated-groups

Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

strip-encoding

Enable/disable stripping unsupported encoding from the request header.

option

-

disable

Option

Description

enable

Enable stripping of unsupported encoding from the request header.

disable

Disable stripping of unsupported encoding from the request header.

log-header-change

Enable/disable logging HTTP header changes.

option

-

disable

Option

Description

enable

Enable Enable/disable logging HTTP header changes.

disable

Disable Enable/disable logging HTTP header changes.

config headers

Parameter

Description

Type

Size

Default

id

HTTP forwarded header id.

integer

Minimum value: 0 Maximum value: 4294967295

0

name

HTTP forwarded header name.

string

Maximum length: 79

dstaddr <name>

Destination address and address group names.

Address name.

string

Maximum length: 79

dstaddr6 <name>

Destination address and address group names (IPv6).

Address name.

string

Maximum length: 79

action

Configure adding, removing, or logging of the HTTP header entry in HTTP requests and responses.

option

-

add-to-request

Option

Description

add-to-request

Add the HTTP header to request.

add-to-response

Add the HTTP header to response.

remove-from-request

Remove the HTTP header from request.

remove-from-response

Remove the HTTP header from response.

monitor-request

Record the HTTP header in utm-webfilter log.

monitor-response

Record the HTTP header in utm-webfilter log.

content

HTTP header content.

string

Maximum length: 1023

base64-encoding

Enable/disable use of base64 encoding of HTTP content.

option

-

disable

Option

Description

disable

Disable use of base64 encoding of HTTP content.

enable

Enable use of base64 encoding of HTTP content.

add-option

Configure options to append content to existing HTTP header or add new HTTP header.

option

-

new

Option

Description

append

Append content to existing HTTP header or create new header if HTTP header is not found.

new-on-not-found

Create new header only if existing HTTP header is not found.

new

Create new header regardless if existing HTTP header is found or not.

replace

Replace content to existing HTTP header or create new header if HTTP header is not found.

replace-when-match

Replace content to existing HTTP header.

protocol

Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both).

option

-

https http

Option

Description

https

Perform add-option action on HTTPS.

http

Perform add-option action on HTTP.

config web-proxy profile

config web-proxy profile

Configure web proxy profiles.

config web-proxy profile
    Description: Configure web proxy profiles.
    edit <name>
        set max-cache-object-size {integer}
        set header-client-ip [pass|add|...]
        set header-via-request [pass|add|...]
        set header-via-response [pass|add|...]
        set header-x-forwarded-for [pass|add|...]
        set header-x-forwarded-client-cert [pass|add|...]
        set header-front-end-https [pass|add|...]
        set header-x-authenticated-user [pass|add|...]
        set header-x-authenticated-groups [pass|add|...]
        set strip-encoding [enable|disable]
        set log-header-change [enable|disable]
        config headers
            Description: Configure HTTP forwarded requests headers.
            edit <id>
                set name {string}
                set dstaddr <name1>, <name2>, ...
                set dstaddr6 <name1>, <name2>, ...
                set action [add-to-request|add-to-response|...]
                set content {string}
                set base64-encoding [disable|enable]
                set add-option [append|new-on-not-found|...]
                set protocol {option1}, {option2}, ...
            next
        end
    next
end

config web-proxy profile

Parameter

Description

Type

Size

Default

name

Profile name.

string

Maximum length: 63

max-cache-object-size

Maximum cacheable object size in KB. When the value is set to 0, the max cache object size will be max-object-size under webcache settings.

integer

Minimum value: 0 Maximum value: 3984384

0

header-client-ip

Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-via-request

Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-via-response

Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-forwarded-for

Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-forwarded-client-cert

Action to take on the HTTP x-forwarded-client-cert header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-front-end-https

Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-authenticated-user

Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

header-x-authenticated-groups

Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header.

option

-

pass

Option

Description

pass

Forward the same HTTP header.

add

Add the HTTP header.

remove

Remove the HTTP header.

strip-encoding

Enable/disable stripping unsupported encoding from the request header.

option

-

disable

Option

Description

enable

Enable stripping of unsupported encoding from the request header.

disable

Disable stripping of unsupported encoding from the request header.

log-header-change

Enable/disable logging HTTP header changes.

option

-

disable

Option

Description

enable

Enable Enable/disable logging HTTP header changes.

disable

Disable Enable/disable logging HTTP header changes.

config headers

Parameter

Description

Type

Size

Default

id

HTTP forwarded header id.

integer

Minimum value: 0 Maximum value: 4294967295

0

name

HTTP forwarded header name.

string

Maximum length: 79

dstaddr <name>

Destination address and address group names.

Address name.

string

Maximum length: 79

dstaddr6 <name>

Destination address and address group names (IPv6).

Address name.

string

Maximum length: 79

action

Configure adding, removing, or logging of the HTTP header entry in HTTP requests and responses.

option

-

add-to-request

Option

Description

add-to-request

Add the HTTP header to request.

add-to-response

Add the HTTP header to response.

remove-from-request

Remove the HTTP header from request.

remove-from-response

Remove the HTTP header from response.

monitor-request

Record the HTTP header in utm-webfilter log.

monitor-response

Record the HTTP header in utm-webfilter log.

content

HTTP header content.

string

Maximum length: 1023

base64-encoding

Enable/disable use of base64 encoding of HTTP content.

option

-

disable

Option

Description

disable

Disable use of base64 encoding of HTTP content.

enable

Enable use of base64 encoding of HTTP content.

add-option

Configure options to append content to existing HTTP header or add new HTTP header.

option

-

new

Option

Description

append

Append content to existing HTTP header or create new header if HTTP header is not found.

new-on-not-found

Create new header only if existing HTTP header is not found.

new

Create new header regardless if existing HTTP header is found or not.

replace

Replace content to existing HTTP header or create new header if HTTP header is not found.

replace-when-match

Replace content to existing HTTP header.

protocol

Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both).

option

-

https http

Option

Description

https

Perform add-option action on HTTPS.

http

Perform add-option action on HTTP.