DOC: tcp-rules: Refresh details about L7 matching for tcp-request content rules

Because the parsing of HTTP message is now performed in the HTTP multiplexers,
the content is immediatly available when "tcp-request content" rules are
evaluated for an HTTP frontend. So, it is a good idea to make the documentation
explicit on this point. In addition, because in all cases, the parsing is
already performed, there is no reason to still use "tcp-request content" rules
based on L7 matching, although it is still valid. The recommended way is to use
"http-request" rules instead. Again, it is a good idea to update the
documentation on this point.

(cherry picked from commit 7ea509e15f6fe3390a969f6eec29d76b8732d3aa)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit e821fbde4a7b75ad52fb98a1ea3d77b3ff483054)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

diff --git a/doc/configuration.txt b/doc/configuration.txt
index bfd2835..82bc193 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9730,13 +9730,16 @@ tcp-request content <action> [{if | unless} <condition>]
   "track-sc*" actions as well as for changing the default action to a reject.
 
   It is perfectly possible to match layer 7 contents with "tcp-request content"
-  rules, since HTTP-specific ACL matches are able to preliminarily parse the
-  contents of a buffer before extracting the required data. If the buffered
-  contents do not parse as a valid HTTP message, then the ACL does not match.
-  The parser which is involved there is exactly the same as for all other HTTP
-  processing, so there is no risk of parsing something differently. In an HTTP
-  backend connected to from an HTTP frontend, it is guaranteed that HTTP
-  contents will always be immediately present when the rule is evaluated first.
+  rules from a TCP proxy, since HTTP-specific ACL matches are able to
+  preliminarily parse the contents of a buffer before extracting the required
+  data. If the buffered contents do not parse as a valid HTTP message, then the
+  ACL does not match.  The parser which is involved there is exactly the same
+  as for all other HTTP processing, so there is no risk of parsing something
+  differently. In an HTTP frontend or an HTTP backend, it is guaranteed that
+  HTTP contents will always be immediately present when the rule is evaluated
+  first because the HTTP parsing is performed in the early stages of the
+  connection processing, at the session level. But for such proxies, using
+  "http-request" rules is much more natural and recommended.
 
   Tracking layer7 information is also possible provided that the information
   are present when the rule is processed. The rule processing engine is able to