Apache origin and header conversion to iRules

Question

I need to take this an Irule f5 can you help me with this please
&lt;IfModule mod_headers.c&gt;Header edit Set-Cookie ^(.*)$ $1;SameSite=None;SecureSetEnvIf Origin "^http(s)?://(.+\.)?tgr\.cl$" AccessControlAllowOrigin=$0Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOriginHeader set Access-Control-Allow-Credentials "true"&lt;/IfModule&gt;

jrahm · Answer

Hi&nbsp;Patricio_quirog,&nbsp;I'm no expert on apache configs...but I think&nbsp;this duplicates the logic. Test for sure before rolling anything to a production environment:
when HTTP_REQUEST {
  set host [HTTP::host]
  if { $host ends_with “tgr.cl” } {
    set origin_match 1
  } else { ## what to do if it does not match? }
}
when HTTP_RESPONSE {
  if { [info exists origin_match] } {
    HTTP::header remove Access-Control-Allow-Origin
    HTTP::header remove Access-Control-Allow-Credentials
    HTTP::header insert Access-Control-Allow-Origin $host
    HTTP::header insert Access-Control-Allow-Credentials true
  }
}

patricio_quirog · Answer

thanks and&nbsp; for sure put into a test enviroment first.

Forum Discussion

Apache origin and header conversion to iRules

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Apache Airflow Unsafe API Endpoint

F5 Distributed Cloud Origin Server Subset Rules

Conversion license

F5 Distributed Cloud - Mitigation for Cross Tenant Origin Exposure (CTOE)

F5 SIRT on the Apache Commons Configuration CVE-2022-33980?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS