Forum Discussion
BaaDf00d_300951
Nimbostratus
NimbostratusASM redirect on api call, does not generate a redirect for a user
Hi,
Looking to solve a problem with a ASM Policy.
Where by i force it to redirect the user to a custom page explaining what has happened to their request.
But when it blocks a background call ...
So I have sorted out a solution to this albeit not very graceful. I could not get a popup of any type to display. What i did, in the custom response, Dropped a cookie, on the client machine, than on the next request read the cookie with an IRUle and deleted it, forcing a redirect to the block page at that point in time, and passing the support ID through the cookie i had created.
Not very graceful, as it doesnt redirect to the support page instantly, but it shows the support page afterwards. Bit of a hack, issue is that each request redirected by the Location: 302 redirect that works successfully does not delete the cookie, so the support page needs to also delete the cookie to stop repeated redirects.
irule:
when HTTP_REQUEST { set block_is_set [HTTP::cookie exists "Block-Cookie"] if {$block_is_set == 1} { set support_id [HTTP::cookie value "Block-Cookie"] HTTP::cookie remove "Block-Cookie" HTTP::respond 302 noserver Location "https://supportpageDomain/URLPath?support_id=$support_id" Connection close Set-Cookie "Block-Cookie=;expires=Thu, 01 Jan 1970 00:00:00 GMT" } }Custom Response Header:
HTTP/1.1 302 OK Cache-Control: no-cache Pragma: no-cache Location: https://supportpageDomain/URLPath?support_id=<%TS.request.ID()%> set-cookie: Block-Cookie=<%TS.request.ID()%>; Path=/; HttpOnly; Secure
BaaDf00d_300951Nimbostratus
NimbostratusSo I have sorted out a solution to this albeit not very graceful. I could not get a popup of any type to display. What i did, in the custom response, Dropped a cookie, on the client machine, than on the next request read the cookie with an IRUle and deleted it, forcing a redirect to the block page at that point in time, and passing the support ID through the cookie i had created.
Not very graceful, as it doesnt redirect to the support page instantly, but it shows the support page afterwards. Bit of a hack, issue is that each request redirected by the Location: 302 redirect that works successfully does not delete the cookie, so the support page needs to also delete the cookie to stop repeated redirects.
irule:
when HTTP_REQUEST {
set block_is_set [HTTP::cookie exists "Block-Cookie"]
if {$block_is_set == 1} {
set support_id [HTTP::cookie value "Block-Cookie"]
HTTP::cookie remove "Block-Cookie"
HTTP::respond 302 noserver Location "https://supportpageDomain/URLPath?support_id=$support_id" Connection close Set-Cookie "Block-Cookie=;expires=Thu, 01 Jan 1970 00:00:00 GMT"
}
}
Custom Response Header:
HTTP/1.1 302 OK
Cache-Control: no-cache
Pragma: no-cache
Location: https://supportpageDomain/URLPath?support_id=<%TS.request.ID()%>
set-cookie: Block-Cookie=<%TS.request.ID()%>; Path=/; HttpOnly; Secure