Forum Discussion
BharatSharda
Altostratus
AltostratusInsert text to HTTP header via iRule event during APM execution
Hi Community Members,
We are trying to insert some text to HTTP header through an iRule which will check for ACCESS_POLICY_AGENT_EVENT generated by via iRule event during an APM checking.
Event "event_1" is getting generated via APM. There is below iRule that is doing the header injection if "event_1" is generated.
when ACCESS_POLICY_AGENT_EVENT {
if { [ACCESS::policy agent_id] eq "event_1" } {
HTTP::header insert "my_text" value
}
}
But in our checking it was found that the header injection during APM execution by an iRule is not working.
Below F5 article also mentions the similar thing:
https://support.f5.com/csp/article/K22055705
Is there a way out by which we can still insert the desired text, value combination to HTTP header?
Any leads would be helpful. Thanks!
Cheers,
Bharat
HTTP_REQUEST_SEND is also one of the event can be used to send the APM variable.
https://support.f5.com/csp/article/K74392192
so worth trying below. modify as needed.
when ACCESS_POLICY_AGENT_EVENT { if { [ACCESS::policy agent_id] eq "event_1" } { ACCESS::session data set session.custom.header "value" set header [ACCESS::session data get "session.custom.header"] } } when HTTP_REQUEST_SEND { clientside { if {[info exists header]}{ HTTP::header insert "headername" $header } else { return } } }
spalandeNacreous
HTTP_REQUEST_SEND is also one of the event can be used to send the APM variable.
https://support.f5.com/csp/article/K74392192
so worth trying below. modify as needed.
when ACCESS_POLICY_AGENT_EVENT { if { [ACCESS::policy agent_id] eq "event_1" } { ACCESS::session data set session.custom.header "value" set header [ACCESS::session data get "session.custom.header"] } } when HTTP_REQUEST_SEND { clientside { if {[info exists header]}{ HTTP::header insert "headername" $header } else { return } } }
BharatShardawhen ACCESS_POLICY_AGENT_EVENT { if { [ACCESS::policy agent_id] eq "event_1" } { ACCESS::session data set session.custom.header "1" } else { ACCESS::session data set session.custom.header "0" } when HTTP_REQUEST_SEND { clientside { set header [ACCESS::session data get "session.custom.header"] if { $header }{ HTTP::header insert "headername" $header } else { return } } }Hi Sanjay,
This worked for my case with a little tweak, had to set the $header again in HTTP_REQUEST_SEND to proceed with the HTTP header insertion. Also the log local0. helped a lot. Thank you for your inputs in here. Cheers.
I traced the HTTP headers by printing then in ltm logs referring to https://support.f5.com/csp/article/K42210592
when HTTP_REQUEST { foreach aHeader [HTTP::header names] { log local0. "HTTP Request Headers: $aHeader: [HTTP::header value $aHeader]" } }
- Nikoolayy1
MVP
You want to insert the header in the request or response ?
Try with "ACCESS_POLICY_COMPLETED" or "HTTP_REQUEST" or "ACCESS_ACL_ALLOWED" or even "HTTP_REQUEST" to do this.
You may also see:
https://devcentral.f5.com/s/question/0D71T000006gzth/detail?s1oid=00D00000000hXqv&s1nid=0DB1T0000008Ony&emkind=chatterCommentNotification&s1uid=0051T000008eyBa&emtm=1617222886798&fromEmail=1&s1ext=0
- BharatSharda
Hi Nikoolayy1,
Thank you for your suggestion.
Our expectation is to insert the header when the flow goes through just a certain APM check (branch path) and a certain condition is met, that is because we tried to use ACCESS_POLICY_AGENT_EVENT. Header should not be added by any other APM branch.
If we use "ACCESS_POLICY_COMPLETED" or "HTTP_REQUEST" or "ACCESS_ACL_ALLOWED" or even "HTTP_REQUEST", header will be added for all the checks, not just by a specific APM.
- spalande
May be worth to try something like below. Let us know how the testing goes
when ACCESS_POLICY_AGENT_EVENT { if { [ACCESS::policy agent_id] eq "event_1" } { ACCESS::session data set session.custom.header "value" set header [ACCESS::session data get "session.custom.header"] } } when ACCESS_POLICY_COMPLETED { if {[info exists header]}{ HTTP::header replace "headername" $header } else { return } }
- spalande
Glad it worked and thank you for the feedback with an updated iRule
