Forum Discussion
mtobkes_108891
Nimbostratus
NimbostratusError with or operator
Hi,
I'm having issues with this iRule when trying to match multiple strings using the or operator. Oddly enough I don't get the error in line 2 but I do in line 4. Can you please tell me h...
mtobkes_64700Nimbostratus
NimbostratusThanks all!
Here is my updated iRule:
when HTTP_REQUEST {
set uri [string tolower [HTTP::uri]]
if { ($uri contains "font") && ($uri ends_with ".eot" || $uri ends_with ".ttf" || $uri ends_with ".svg" || $uri ends_with ".woff") } {
log local0. "uri matches font and allowed extensions"
set headerstr [string tolower [HTTP::header "Referer"]]
if { $headerstr contains ".abc.com" || $headerstr contains ".xyz.com" || $headerstr contains ""} {
set referer { [HTTP::header "Referer"] }
log local0. "referer variable set to $referer"
set origin { [HTTP::header "Origin"] }
log local0. "origin variable set to $origin"
} else { HTTP::respond 403 content "403 - Forbidden"
log local0. "403 sent to client"
}
}
}
when HTTP_RESPONSE {
if { [$origin exists] } {
HTTP::header insert Access-Control-Allow-Origin [$origin]
}
}
If not the referer, what other option is there since referer is easily spoofed? I am using the origin header in my responses but it is not always present in requests.
Thanks again for all your help!
Myles