diff --git a/include/types/acl.h b/include/types/acl.h
index aff330ea6..fad376105 100644
--- a/include/types/acl.h
+++ b/include/types/acl.h
@@ -84,6 +84,7 @@ enum {
 	ACL_TEST_F_RES_PASS   = 1 << 10,/* with SET_RESULT, sets result to PASS (defaults to FAIL) */
 	ACL_TEST_F_SET_RES_PASS = (ACL_TEST_F_RES_SET|ACL_TEST_F_RES_PASS),  /* sets result to PASS */
 	ACL_TEST_F_SET_RES_FAIL = (ACL_TEST_F_RES_SET),                      /* sets result to FAIL */
+	ACL_TEST_F_NULL_MATCH = 1 << 11,/* call expr->kw->match with NULL pattern if expr->patterns is empty */
 };
 
 /* ACLs can be evaluated on requests and on responses, and on partial or complete data */
diff --git a/src/acl.c b/src/acl.c
index 08aac69f5..eb75b0ee6 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -1087,6 +1087,9 @@ int acl_exec_cond(struct acl_cond *cond, struct proxy *px, struct session *l4, v
 						if (acl_res == ACL_PAT_PASS)
 							break;
 					}
+
+					if ((test.flags & ACL_TEST_F_NULL_MATCH) && LIST_ISEMPTY(&expr->patterns))
+						acl_res |= expr->kw->match(&test, NULL);
 				}
 				/*
 				 * OK now acl_res holds the result of this expression