Forum Discussion

Marvin_129795's avatar
Marvin_129795
Icon for Nimbostratus rankNimbostratus
Apr 03, 2019

Collect and resend cookie headers and values in 307 POST redirect

Hi All,

I am working on a solution to trigger a APM access policy logout and afterwards send the POST request with data and headers to the external website. The reason why I do this is quiet complex and I can explain this setup in another article. The issue is that the HTTP cookies and values are not being send to the external website.

So I created the following Irule and when there is an APM allowed session and the URL /logmeout is triggered the session is closed and the client receives the redirect 307 with POST method and data, but the HTTP cookies are missing from the request.

I was thinking to include a set cookie for each cookie but there are several cookies here which need to be resend.

Is there perhaps an easier way to retrieve the original cookies and values store them in a variable and use it in the ACCESS::respond action? perhaps using the HTTP::cookie names method will that store all cookie names and values at once?

when ACCESS_ACL_ALLOWED {

if { [HTTP::uri] contains "/logmeout" } {
    log local0. "logout requested from IP [IP::client_addr] URI [HTTP::uri] query [HTTP::query]"
    ACCESS::session remove
    ACCESS::respond 307 Location "HTTPS://myredirectwebsite[HTTP::query]" 
}

}

  • Hi Marvin,

    you could read the Cookie-Header of the logout request, URI encode the entire cookie header value and append it to the existing

    [HTTP::uri]
    of the logout request.

    when ACCESS_ACL_ALLOWED {
        if { [HTTP::path] equals "/logmeout" } then {
            log local0. "logout requested from IP \"[IP::client_addr]\" URI \"[HTTP::uri]\" query \"[HTTP::query]\" cookies \"[HTTP::header value "Cookie"]\""
            ACCESS::session remove
            ACCESS::respond 307 Location "HTTPS://myredirectwebsite/?[join "[HTTP::query] cookies=[URI::encode [HTTP::header value "Cookie"]] referer=[URI::encode [HTTP::header value "Referer"]]" "&" ]" 
        }
    }
    

    Cheers, Kai