iRule - Header Replace Blacklist

Question

I'm trying to the X-Frame-Options header replace for a website, however some of the pages on the site require that setting to NOT be set. So I'm trying to create a black list of pages and this is what I've come up with:
when HTTP_REQUEST {
    set my_host_uri [HTTP::uri]
}
when HTTP_RESPONSE {
    if  { 
            (not ([string tolower $my_host_uri] contains "notThisSubfolder1")) &amp;&amp;
            (not ([string tolower $my_host_uri] contains "notThisSubfolder2")) &amp;&amp;
            (not ([string tolower $my_host_uri] contains "notThisSubfolder3"))
        }
        {
            HTTP::header replace X-Frame-Options "SAMEORIGIN"
        }
}

Should this work? Is there a better way to do this?

michael_jenkins · Answer

I think this would work, though for performance sake I would do it a little differently (and your strings are mixed case when you're trying to compare on lowecase)...
when HTTP_REQUEST {
    set host [string tolower [HTTP::uri]
}
when HTTP_RESPONSE {
    switch -glob $host {
        "*notthissubfolder11*" -
        "*notthissubfolder12*" -
        "*notthissubfolder13*" {
             Do nothing
        }
        default {
             Replace the header value
            HTTP::header replace X-Frame-Options "SAMEORIGIN"
        }
    }
}

Forum Discussion

iRule - Header Replace Blacklist

Recent Discussions

VIP needed for many UDP ports

Creating Policy using Terraform

Unable to get Internet in server using SWG forward Proxy.

ASM don't block attack XSS

AWAF ADD-ON MODULE

Related Content

string first replacement procedure for ID999881

BIG-IP AFM Blacklisting Magic

irule url host replacement

F5 GTM GSLB replacement

F5 Policy using replace with TCL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS