404 irule with security headers

Question

I am writting an irule to return a ifile (for a 404 error).  In addition to returning the ifile (which does work) I want to insert security headers (this isnt working.  How can I insert these headers&nbsp;
when HTTP_REQUEST {
  set host [HTTP::host]
  set path [HTTP::path]
  switch $path {
    "/PageNotFound" {
      HTTP::respond 200 content [ifile get "PageNotFound_html"]
    }
  }
}
when HTTP_RESPONSE {&nbsp;
if { [HTTP::status] eq "404" } { HTTP::redirect "https://${host}/PageNotFound?url=${path}"
    HTTP::header insert "X-Frame-Options" "DENY" 
    HTTP::header insert "X-XSS-Protection" "1; mode=block" 
    HTTP::header insert "X-Content-Type-Options" "'nosniff'"
 }&nbsp;
}&nbsp;

jad_tabbara__j1 · Answer

Hello Pedinopa,
Try this 
when HTTP_REQUEST {

set host [HTTP::host] 
set path [HTTP::path]

switch $path {

"/PageNotFound" { 
        HTTP::respond 200 content [ifile get "PageNotFound_html"] "X-Frame-Options" "DENY" "X-XSS-Protection" "1; mode=block" "X-Content-Type-Options" "'nosniff'" "Connection" "Close"
    }

}

when HTTP_RESPONSE {

if { [HTTP::status] eq "404" } { 
        HTTP::redirect "https://${host}/PageNotFound?url=${path}" 
    }

}

Please give a feedback
Hope it helps

Forum Discussion

404 irule with security headers

1 Reply

How I did it - "High-Performance S3 Load Balancing of Dell ObjectScale with F5 BIG-IP"

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

ISV logging in 17.1.2.2

How to manage certificates with Kojot-Acme in a multi-partition F5 structure

OpenSSH vulnerability

vscode API client that doesn't charge for OAuth2.0?

No traffic on network card in virtual Big-IP

Related Content

iRule to modify a content-security-policy header

Security Headers Insertion

Security headers

Avoiding Common iRules Security Pitfalls

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS