Forum Discussion
hooleylist
Jan 25, 2012Cirrostratus
Hi Arthur,
ASM_REQUEST_VIOLATION is triggered when ASM validates the request. If you insert a header in that event it will be done in the request proxied to the server. The server wouldn't include the header in its response so you wouldn't see the header in HTTP_RESPONSE.
If you want the header inserted in the response so the client sees it, can you try this? If you want to save the output from a command in ASM_REQUEST_VIOLATION, you could do that too and reference it in HTTP_RESPONSE.
when HTTP_REQUEST {
set insert_header 0
}
when ASM_REQUEST_VIOLATION {
set insert_header 1
}
when HTTP_RESPONSE {
if {$insert_header}{
HTTP::header insert "X-CSRF-VIOLATION" "Smurf"
log local0. "ASM_REQUEST_VIOLATION on [HTTP::uri]"
log local0. "Header value is [HTTP::header X-CSRF-VIOLATION]"
}
}
Or if the check / full policy is in blocking mode, you'd use ASM_REQUEST_BLOCKING:
http://devcentral.f5.com/wiki/iRules.asm.ashx
Aaron