CodeShare - Phising preventation

Question

I am just starting to learn iRules and I am examining the CodeShare examples to learn from best practices. &nbsp;
&nbsp;Looking at the Phising Prevention iRule, I think that some optimization is possible. The iRule can be evated using capital characters in filename extensions&nbsp;
&nbsp;This is the code in line 32:&nbsp;&nbsp;    if { ([string tolower [HTTP::method] ] eq "get") &amp;&amp; ([matchclass [HTTP::uri] contains $::file_types] &gt; 0 )} { &nbsp;
&nbsp;I would suggest the line below is better.&nbsp;&nbsp;    if { ([string tolower [HTTP::method] ] eq "get") &amp;&amp; ([matchclass [string tolower[HTTP::uri]] contains $::file_types] &gt; 0 )} { &nbsp;
&nbsp;The only uncertainty is that I assumed that matchclass is case sensitive.&nbsp;
&nbsp;Im I right on this or did I miss something?&nbsp;
&nbsp;For reference: the class file_types that is referred to is defined as below: &nbsp;
&nbsp;class file_types {
&nbsp;  ".gif"
&nbsp;  ".jpg"
&nbsp;  ".png"
&nbsp;  ".bmp"
&nbsp;  ".js"
&nbsp;  ".css"
&nbsp;  ".xsl"
&nbsp;}

unruley_95363 · Answer

Yup, you're right.  Good eye!

Forum Discussion

CodeShare - Phising preventation

Recent Discussions

Big IP DNS Failover

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

Related Content

The return of DevCentral CodeShare.

Operationlizing Online Fraud Detection, Prevention, and Response

Guarding Large Language Models: Advanced Approaches to Preventing Model Theft

How to Contribute an Article or a Codeshare Entry

API Security Strategy - Discover and map APIs, block unwanted connection and prevent data leakage

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS