Forum Discussion

Cirrostratus

Jul 07, 2015

Allow specif files to be upload

I need to allow specific files to be uploaded in a app. e.g not allowing .exe or .sh Issue is that file is uploaded in post via content of request. how can this be managed via LTM policy or of irule.

File Name is mentioned as followin in Content-Disposition header.

Content-Disposition: form-data; name="filedata"; filename="test.php"

application delivery

BIG-IP Access Policy Manager (APM)

1 Reply

Michael_Jenkins

Cirrostratus

Jul 08, 2015

Could you just create an iRule that will reject requests to upload certain files? Something like

when HTTP_REQUEST {
    if { [HTTP::header exists "Content-Disposition"] } {
        switch -glob [HTTP::header value "Content-Disposition"] {
            "*filename=*.exe*" -
            "*filename=*.sh*" {
                 Reject however you'd like:
                 reject
                 HTTP::redirect "/error"
            }
        }
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)