
@JohannesRudolph
Created September 21, 2017 16:20
HAProxy CORS config for Openstack Swift using radosgw - with fixed buffer issue
# Process-wide settings: privilege drop, runtime API socket, TLS defaults, Lua.
global
    # Run detached, confined to the chroot, under the unprivileged haproxy account.
    daemon
    chroot /var/lib/haproxy
    user haproxy
    group haproxy

    # Runtime API socket. "level admin" accepts every runtime command, so access
    # is governed only by the socket's 660 mode and its owner/group.
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s

    # Base directories for relative CA and certificate paths.
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private

    # Default TLS settings for every "bind ... ssl" line.
    # NOTE(review): the cipher list still admits 3DES suites (ECDH+3DES, DH+3DES,
    # RSA+3DES) and RSA key exchange without forward secrecy, and only SSLv3 is
    # disabled, so TLS 1.0/1.1 stay available if the TLS library offers them.
    # Consider trimming the list and adding no-tlsv10 / no-tlsv11 once the
    # client population allows it.
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3

    # Lua script loaded into the HAProxy process; presumably it registers the
    # "cors-response" service referenced by the objectstore frontend. Keep the
    # file writable by root only, since it executes inside the proxy.
    lua-load /etc/haproxy/cors.lua

    # Buffer space reserved for header rewriting. Presumably raised because of
    # the very long Access-Control-Expose-Headers value added in the frontend
    # (the "buffer issue" named in the gist title) - confirm.
    tune.maxrewrite 4096
# Settings inherited by every proxy section that follows.
defaults
    mode http
    log global
    option httplog
    option forwardfor       # append X-Forwarded-For with the client address
    option redispatch       # allow a retry to go to a different server
    retries 3

    # timeout http-request bounds how long a client may take to send its
    # request, which limits slow-request connection exhaustion.
    # NOTE(review): the 10m client/server timeouts presumably accommodate large
    # object transfers; each idle connection may be held open that long.
    timeout http-request 10s
    timeout queue 2m
    timeout connect 1m
    timeout client 10m
    timeout server 10m
    timeout check 10s

    # Static error pages returned by HAProxy itself.
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http
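# Built-in statistics page.
listen stats
    # The original line bound 0.0.0.0:9000 while its comment said "localhost",
    # which published the page on every interface. Bind to loopback as the
    # comment intended; if remote access is required, bind a management-network
    # address instead and restrict who can reach it.
    bind 127.0.0.1:9000                 # Listen on localhost:9000
    mode http
    stats enable                        # Enable stats page
    stats realm Haproxy\ Statistics     # Title text for popup window
    stats uri /haproxy_stats            # Stats URI
    # Placeholder credentials: replace before deploying. They are stored in
    # clear text in this file and sent as HTTP Basic auth over plain HTTP on
    # this listener (the bind line has no "ssl"), so keep the file unreadable
    # to other users and do not expose the port on an untrusted network.
    stats auth Username:Password        # Authentication credentials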
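# TLS-terminating frontend for the object store; adds CORS handling in front of radosgw.
frontend objectstore
    log /dev/log local2 debug
    # Wait for the request body (up to a full buffer) before the http-request
    # rules are evaluated.
    option http-buffer-request
    bind 0.0.0.0:443 ssl crt /etc/haproxy/haproxy.pem

    # Overwrite any client-supplied X-Forwarded-Proto so the backend sees the
    # proxy's own view of the scheme. set-header already replaces existing
    # occurrences; the del-header line is kept from the original.
    http-request del-header X-Forwarded-Proto if { ssl_fc }
    http-request set-header X-Forwarded-Proto https if { ssl_fc }

    # Capture slot 0: the request's Origin header, read back below through
    # capture.req.hdr(0) when the response is built.
    capture request header origin len 128

    # Preflight (OPTIONS carrying an Origin) is answered by the Lua service and
    # never reaches the backend. The service body lives in cors.lua, which is
    # not part of this file; it should apply the same origin policy as below.
    http-request use-service lua.cors-response if METH_OPTIONS { req.hdr(origin) -m found }

    # CORS headers are response headers. The original used
    # "http-request set-header", which would only have added them to the request
    # forwarded to radosgw, and wrote two of them in the old
    # "rspadd Name:\ value" form, which set-header does not accept (it takes the
    # header name and the value as separate arguments).
    #
    # NOTE(review): reflecting whatever Origin the client sent together with
    # Access-Control-Allow-Credentials: true lets any website read responses to
    # credentialed requests made from a visitor's browser. The exposed header
    # list also includes token and temp-URL-key headers. Unless every origin is
    # really meant to be trusted, gate the rules on an allowlist, e.g.
    # (placeholder origin, not taken from this deployment):
    #   acl cors_allowed capture.req.hdr(0) -m str https://app.example.org
    # and use "if cors_allowed" below. When the value varies per origin, also
    # consider sending "Vary: Origin" so shared caches keep responses apart.
    http-response set-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }
    http-response set-header Access-Control-Allow-Credentials true if { capture.req.hdr(0) -m found }
    http-response set-header Access-Control-Expose-Headers Location,\ Www-Authenticate,\ ETag,\ Expires,\ Last-Modified,\ Cache-Control,\ Content-Type,\ X-Auth-Token,\ X-Service-Token,\ X-Newest,\ X-Trans-Id-Extra,\ X-Trans-Id,\ X-Account-Meta-Temp-URL-Key,\ X-Account-Meta-Temp-URL-Key-2,\ X-Timestamp,\ X-Openstack-Request-Id,\ X-Account-Bytes-Used,\ X-Account-Container-Count,\ X-Account-Object-Count,\ X-Account-Meta-Quota-Bytes,\ X-Account-Access-Control,\ X-Container-Meta-Temp-URL-Key,\ X-Container-Meta-Temp-URL-Key-2,\ X-Storage-Policy,\ X-Container-Object-Count,\ X-Container-Bytes-Used,\ X-Container-Meta-Quota-Count,\ X-Container-Meta-Quota-Bytes,\ X-Container-Read,\ X-Container-Write,\ X-Container-Sync-Key,\ X-Container-Sync-To,\ X-Versions-Location,\ X-History-Location,\ X-Container-Meta-Access-Control-Allow-Origin,\ X-Container-Meta-Access-Control-Max-Age,\ X-Container-Meta-Access-Control-Expose-Headers,\ X-Remove-Container-Read,\ X-Remove-Versions-Location,\ X-Remove-History-Location,\ X-Object-Manifest,\ X-Delete-At,\ X-Static-Large-Object,\ X-Detect-Content-Type,\ X-Copy-From,\ X-Copy-From-Account,\ X-Delete-After,\ X-Fresh-Metadata,\ X-Copied-From-Last-Modified,\ X-Copied-From,\ X-Copied-From-Account,\ X-Container-Meta-Web-Directory-Type

    default_backend radosgw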
# Pool of radosgw instances serving the Swift API.
backend radosgw
    balance leastconn
    option prefer-last-server

    # Health check every 2000 ms; a server is marked up after 2 successful
    # checks and down after 5 failed ones.
    # NOTE(review): the server line has no "ssl", so traffic between the proxy
    # and radosgw, including any auth tokens, crosses the 10.10.16.x network
    # unencrypted.
    server ceph00 10.10.16.10:7480 check inter 2000 rise 2 fall 5
    # more servers here