Forum Discussion
Irule applied stream profile and URLs in comments - any thoughts?
This is more of a general TCL quesiton than an irule question, but it involves the selective application of the stream profile in an irule.
Here is the general form of the irule:
when HTTP_RESPONSE {
if { [HTTP::header Content-Type] starts_with "text/" }{
STREAM::expression
"@http:\u002f\u002fstuff.corp.net@https:\\u002f\\u002f
stuff.corp.net@"
STREAM::enable
log local0. "Streaming enabled for [HTTP::host]"
} else {
STREAM::disable
log local0. "Streaming NOT enabled for [HTTP::host]"
}
}
It works just fine for standard HTTP http to https stream translations, however when faced with a URL within a comment, it does not work, for example:
Are escaped text parts of an HTTP stream 'valid' to a stream profile? Thanks in advance for your thoughts.
hoolioCirrostratus
The stream filter should operate against the entire body of the HTTP if the stream filter is enabled. What is the content type for the Javascript? Do you see the stream filter being enabled for the Javascript response?
Aaron- Hello,
Yes, the stream profile will rewrite Java responses:
another example of successful stream replacement: (this one is pure HTML) - hoolioDid you have a question?
Aaron - CharlesCS
Cirrus
As a follow-on, I believe the question is:
Given that TCL treats strings which begin with "\u" followed by four hexadecimal characters as a Unicode escape sequence, how can you test a string for the presence of text that resembles -- but isn't -- a Unicode escape? For example, in the javascript cited above, how do you detect the presence or absence of "\u002f" as a text string rather than the Unicode equivalent of "/"?
This isn't limited to stream replacement, as the same issue arises in iRule comparisons. - hoolioIf you're trying to match the literal \u002f you should be able to wrap it in curly braces to prevent interpretation of the characters:
% regexp {\u002f} /
1
Does that work for you, or am I misunderstanding the scenario?
Aaron - hoolioActually, I think that is the issue you're trying to avoid...
If you escape the backslash with a backslash and enclose it in curly braces, it should work for regexp. string match doesn't seem to work the same way though:
% regexp -inline -all {\\u002f} {\\u002f}
{\u002f}
% regexp -inline -all {\\u002f} /
%
% string match {\\u002f} {\\u002f}
0
% string match {\\u002f} /
0
Aaron - CharlesCSUnfortunately, the following iRule still does not appear to be detecting the "\u002f" sequence correctly:
when HTTP_RESPONSE { STREAM::disable STREAM::expression "@http:{\\u002f\\u002f}pl2pass\.allegistest\.net@@" STREAM::enable } when STREAM_MATCHED { log local0. "[IP::client_addr]:[TCP::local_port]: matched: [STREAM::match], replaced with: [string map {http: https:} [STREAM::match]]" STREAM::replace "[string map {http: https:} [STREAM::match]]" }
It may be necessary to abandon the stream profile approach and instead try using the "regex_matches" operator. - hoolioI don't have too much time to test this at the moment. You might try opening a case with F5 Support to see if they have any suggestions.
Aaron - hoolioThat said, do either of these work?
STREAM::expression {@http:{\\u002f\\u002f}pl2pass\.allegistest\.net@@}
STREAM::expression {@http:\\u002f\\u002fpl2pass\.allegistest\.net@@}
Aaron - CharlesCSNeither of those worked.
Thank you for your efforts, Aaron.
