For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

AnupamG_354580's avatar
AnupamG_354580
Icon for Nimbostratus rankNimbostratus
Jul 09, 2018

authorization header are dropped

Hello Folks , i have two VIP configured , One for PROD and one for UAT . in UAT when i insert any authorization header it gets dropped but PROD is OK   Below are xforward configured . I want to u...
application delivery
iRules
Faruk_AYDIN's avatar
Faruk_AYDIN
Icon for Altostratus rankAltostratus
Jul 09, 2018

Hi Guy,

1. There is some problems. In UAT, 
HTTP::header remove X-Forward-For
line may include misspelling. Correct version must be: 
HTTP::header remove X-Forwarded-For

2. In UAT, if X-Forwaded-For header exists, then new X-forwarded-for header is added. (In the if statement, 
HTTP::header insert X-Forwarded-For [IP::client_addr]
)

3.In UAT, and PROD if X-Forwaded-For header does not exist, then a X-forwarded-for header is added. (In the else statements, 
HTTP::header insert X-Forwarded-For [IP::client_addr]
)

4. In PROD if X-Forwaded-For header exists, then Client IP is added into the existing X-forwarded-for header . (In the if statement, 
HTTP::header replace X-Forwarded-For "[HTTP::header X-Forwarded-For], [IP::client_addr]"
)