Forum Discussion

bmeyer06_204838

Nimbostratus

Jun 02, 2015

iRule - Header Replace Blacklist

I'm trying to the X-Frame-Options header replace for a website, however some of the pages on the site require that setting to NOT be set. So I'm trying to create a black list of pages and this is wha...

Cirrostratus

Jun 02, 2015

I think this would work, though for performance sake I would do it a little differently (and your strings are mixed case when you're trying to compare on lowecase)...

when HTTP_REQUEST {
    set host [string tolower [HTTP::uri]
}
when HTTP_RESPONSE {
    switch -glob $host {
        "*notthissubfolder11*" -
        "*notthissubfolder12*" -
        "*notthissubfolder13*" {
             Do nothing
        }
        default {
             Replace the header value
            HTTP::header replace X-Frame-Options "SAMEORIGIN"
        }
    }
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule - Header Replace Blacklist

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Problem with sending BotDefense logs to remote server

ASM/AWAF declarative policy

Related Content

ADFS Proxy Replacement on F5 BIG-IP

BIG-IP AFM Blacklisting Magic

Global Blacklist or Whitelist

Log Http Headers

Strict header Insertion

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS