Forum Discussion
Kai_Wilke
Sep 06, 2017MVP
Hi Ralgar1,
to inspect post parameters you have to use HTTP::collect to become able to parse the POST-Request data. The
[HTTP::username]
and [HTTP::password]
commands are designed to parse HTTP-BASIC authentication data.
You may use the iRule below as a starting point for your own iRule...
when RULE_INIT {
set static::login_max_post_datasize 1024 ; (bytes)
}
when HTTP_REQUEST {
Check for request to login page...
if { [string tolower [HTTP::path]] ends_with "/login.aspx" } then {
Check for POST request to login page...
if { [HTTP::method] eq "POST" } then {
Check for existence of Content-Length header and enforce maximum POST data size.
if { ( [HTTP::header value "Content-Length"] ne "" )
and ( [HTTP::header value "Content-Length"] <= $static::login_max_post_datasize ) } then {
HTTP::collect the HTTP body based on Content-Length header information.
HTTP::collect [HTTP::header value "Content-Length"]
Set variable as signal for HTTP_REQUEST_DATA event.
set extract_login_data true
} else {
Complain about request body size.
HTTP::respond 500 content "Request body does not exist or is too large" noserver "Content-Type" "text/html"
}
} else {
No POST request. Ignore the request...
}
} else {
No Login page request. Ignore the request...
}
}
when HTTP_REQUEST_DATA {
if { [info exists extract_login_data] } then {
Remove signal variable for subsequent requests on the same TCP connection.
unset -nocomplain extract_login_data
Extract the entire HTTP request body and escape it to become a HTTP::uri string (for easier parsings)
set http_request_body "?[HTTP::payload [HTTP::header value "Content-Length"]]"
Try to parse the username and password value from the HTTP request body.
if { [catch {
set username [URI::decode [URI::query $request_body username]]
set password [URI::decode [URI::query $request_body password]]
}] } then {
Unable to extract the and parse the username and password value from the HTTP request body.
HTTP::respond 500 content "Unable to parse username and/or password from POST data" noserver "Content-Type" "text/html"
return
}
if { ( $username ne "" )
and ( $password ne "" ) } then {
HTTP::respond 200 content "Username: \"$username\" | Password: \"$password\"" noserver "Content-Type" "text/html"
} else {
HTTP::respond 403 content "Username or Password is empty" noserver "Content-Type" "text/html"
}
Do whatever you need to do with the $username or $password variables...
} else {
Event was triggered by another iRule. Ignore the request...
}
}
Cheers, Kai