For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

izac_189977's avatar
izac_189977
Icon for Nimbostratus rankNimbostratus
Apr 22, 2015

iRule for stream processing url encoded payload

Hi all,

we are using am iRule for replacing http:// with https:// within the payload. Works very well so far. Now we have url encoded strings and I like to replace them as well replace http%3A%2F%2F with https%3A%2F%2F. I added the stream statement to my existing iRule, but it doesn't work. And it seems to break the first stream expression Any help would be great.

This is my iRule 

when HTTP_REQUEST {
STREAM::disable
HTTP::header remove "Accept-Encoding"
    }
    when HTTP_RESPONSE {
if {[HTTP::header value Content-Type] contains "text"}{

    STREAM::expression {@http://@https://@}
    STREAM::expression {@http%3A%2F%2F@https%3A%2F%2F@}
    STREAM::enable
}

}

application delivery
devops
iRules

2 Replies

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Apr 22, 2015

    can you try something like this?

    e.g.

     configuration

[root@ve11c:Active:In Sync] config  tmsh list ltm rule qux
ltm rule qux {
    when HTTP_REQUEST {
  STREAM::disable
  HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
  if { [HTTP::header value Content-Type] contains "text"} {
    STREAM::expression {@http://@https://@@http%3A%2F%2F@https%3A%2F%2F@}
    STREAM::enable
  }
}
}

 test (to server directly)

[root@ve11c:Active:In Sync] config  curl http://200.200.200.101/test.html
line1 hello world
line2 http://www.google.com/
line3 http%3A%2F%2Fwww.google.com%2F
line4 end

 test (via virtual server)

[root@ve11c:Active:In Sync] config  curl http://172.28.24.10/test.html
line1 hello world
line2 https://www.google.com/
line3 https%3A%2F%2Fwww.google.com%2F
line4 end