For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

qqdixf5_74186's avatar
qqdixf5_74186
Icon for Nimbostratus rankNimbostratus
Dec 17, 2007

http::retry question

I am having some problems with a rule which uses http::retry command. What I am trying to do here is authentiting the request against an external service. When a request comes in, an auth request is s...
application delivery
dev
devops
iRules
qqdixf5_74186's avatar
qqdixf5_74186
Icon for Nimbostratus rankNimbostratus
Dec 28, 2007
Thank you for your reply!

 

 

Yes, I thought about the header I added in my original rule might be the problem so I ran tests and captured the tcpdump. It does look like what you descripted.

 

 

GET /website.aspx HTTP/1.0

 

Authenticated: 1 Host: test.example.com

 

 

However, weird thing is it works for some requests. I would expect all request fail if that causes the problem.

 

 

Also, since the purpose of the rule is authenticate before sending request to the backend server, I can't insert a header before knowing the request is authenticated by checking the authentication response.

 

 

I tried to retry the original request without modification. My test rule (in my later post) just sends the request and retries it without any change. It fails too. I also tried sanitize all headers before the request was resent. It doesn't work either. Just not sure what "the request headers must be well-formed and complete" means now. If someone knows more about this, please help. Thank you!