Forum Discussion
mtobkes_108891
Apr 13, 2011Nimbostratus
Error with or operator
Hi,
I'm having issues with this iRule when trying to match multiple strings using the or operator. Oddly enough I don't get the error in line 2 but I do in line 4. Can you please tell me how I can accomplish this?
when HTTP_REQUEST {
if { ([string tolower [HTTP::uri]] contains "font") && ([string tolower [HTTP::uri]] ends_with ".eot" || ".ttf") } {
log local0. "uri matches font and allowed extensions"
if { [string tolower [HTTP::header "Referer"]] contains ".abc.com" || ".xyz.com" || ""} {
set referer { [HTTP::header "Referer"] }
log local0. "referer variable set to $referer"
}
else { HTTP::respond 403 content "403 - Forbidden"
log local0. "403 sent to client" }
}
}
Log messages:
Wed Apr 13 15:08:13 EDT 2011 tmm2 tmm2[4964] 01220001 TCL error: font_resource_restriction_403 HTTP_REQUEST - cant use non-numeric string as operand of || while executing if { [string tolower [HTTP::header Referer]] contains .abc.com or .xyz.com } { set referer { [HTTP::header Referer] } log loc...
Wed Apr 13 15:08:13 EDT 2011 tmm2 tmm2[4964] Rule font_resource_restriction_403 HTTP_REQUEST: uri matches font and allowed extensions
Thanks,
-Myles
- Minn_62043CirrostratusIt's because of the empty string at the end of the "if" expression. You can try to use some other function for checking empty string.
- hooleylistCirrostratusHi Myles,
- hooleylistCirrostratusAlso note that the Referer header (and any other HTTP header) can easily be spoofed. So I wouldn't recommend allowing access to sensitive resources based on that.
- mtobkes_64700Nimbostratus
Thanks all!
Here is my updated iRule:
- hooleylistCirrostratusHi Myles,
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects