Block specific URI

I am trying to block a URI using iRule. I want to block only the URI listed on my uri-notallowed_data_group which do not match the network_allowed_data_group

 

I created two data groups

 

uri-notallowed_data_group

 

/abc/login?returnurl=/abc

 

/abc/

 

/abc

 

network_allowed_data_group

 

192.168.0.0/16

 

iRule

 

when HTTP_REQUEST {

 

if {[class match [string tolower [HTTP::uri]] equals uri-notallowed_data_group] and not [class match [IP::client_addr] equals network_allowed_data_group]}

 

{

 

log local0. "Dropped Connection [HTTP::uri]"

 

drop

 

}

 

}

 

iRule is blocking /abc/ , /abc and if the URI is entered as lower case.

 

The issue is that the page loads if the address has capital letters e.g https://www.xyz.com/Abc/Login?ReturnUrl=/Abc

 

Any idea why the URI is not being converted to lower case even though I am using string tolower [HTTP::uri]