Forum Discussion

Nimbostratus

Feb 09, 2016

HTTP Headers - HTTP Compliance Failed

GET /xy/login.html?lang=ar HTTP/1.1 Host: www.abcdef.com Connection: keep-alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 User-Agent: Mozilla/5.0 (Linux; Androi...

Employee

Feb 11, 2016

How to convey this to application team.?

You first have to define what application needs this header, if the header is necessary for the application to function, and/or if it's acceptable to add a value to it. This information will likely come from the application team directly. Or as is usually the case, because they won't know, after simply testing your header removal or value-adding iRule code.

Is there any way to ignore individual http header?

Again, you're asking about compliance and functionality, which are sometimes contrary to one another. If the application needs it, and it needs the value to be blank, then you're simply not going to get compliance.

I am unable to find such option in WAF.

Not sure what you're asking here.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)