Forum Discussion
Simon_Blakely
Employee
Vadym,
HTTP::respond does not allow variables to be expanded and evaluated in the context of the command execution.
You will need to use eval. However, this introduces the risk of a TCL injection vulnerability.
when HTTP_RESPONSE {
if {[HTTP::has_responded]} {return}
catch { unset hdrs }
foreach header [HTTP::header names] {
lappend hdrs $header "[HTTP::header $header]"
}
log local0. "Headers: $hdrs"
eval HTTP::respond 301 -version auto $hdrs
}
You may also need to play with quoting the values.
Vladimir_Akhmarov
Aug 08, 2023Cirrus
Hello Simon
Tried this approach for modified Exchange iRule to logout user and sometimes I caught connection reset inside browser (but there is no TCL error inside LTM logs). So I cannot understand why "eval {}" with variable leads to connection errors compared with regular HTTP::respond header1 value1 header2 value2 ...
My code
when RULE_INIT priority 500 {
set static::hdrs [list \
"\"Location\" \"/vdesk/hangup.php3\"" \
"\"Content-Type\" \"text/html\"" \
"\"Cache-Control\" \"no-cache, must-revalidate\"" \
"\"Set-Cookie\" \"MRHSession=deleted;expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
"\"Set-Cookie\" \"LastMRH_Session=deleted;expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
"\"Set-Cookie\" \"cadata=null;Expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
"\"Set-Cookie\" \"ClientId=null;Expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
"\"Set-Cookie\" \"UC=null;Expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
"\"Set-Cookie\" \"X-BackEndCookie=null;Expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
"\"Set-Cookie\" \"X-OWA-CANARY=null;Expires=Thu, 01-Jan-1970 00:00:00 GMT;path=/;secure\"" \
]
}
when HTTP_REQUEST priority 500 {
...
eval {HTTP::respond 302 -version 1.1 noserver "[join $static::hdrs]"}
...
}
when ACCESS_SESSION_STARTED priority 500 {
...
eval {ACCESS::respond 302 -version 1.1 noserver "[join $static::hdrs]"}
...
}
Do you know maybe there are some gotchas that should be included in the code?