Forum Discussion
irule or ASM Dataguard to mask sensitive data.
- Mar 17, 2019
I think it's just the regex. The documentation says it takes PCRE expressions, but maybe it's slightly different?
I put the string in the custom pattern exactly as it shows up in the response and it masks it:
HTTP/1.1 200 OK Date: Sun, 17 Mar 2019 16:14:09 GMT Last-Modified: Sun, 17 Mar 2019 15:49:08 GMT ETag: "2a-5844c365dbc0c" Accept-Ranges: bytes Content-Length: 42 Content-Type: application/json Set-Cookie: TS01ce3b70=01ab350b1380a1d499b6b31bbd8fd165e9cea5e3b49f3bb2488ec38e985de0fb0f24c3aa51ce1302f1a6ded68aff123b1f26f4d34c; Path=/; HTTPOnly {"some-data": "here"} *******************
Also, I think you'll want to disable blocking in learning and blocking for dataguard information leakage. You'll actually get a block page instead of the masked data if block is set.
I think it's just the regex. The documentation says it takes PCRE expressions, but maybe it's slightly different?
I put the string in the custom pattern exactly as it shows up in the response and it masks it:
HTTP/1.1 200 OK
Date: Sun, 17 Mar 2019 16:14:09 GMT
Last-Modified: Sun, 17 Mar 2019 15:49:08 GMT
ETag: "2a-5844c365dbc0c"
Accept-Ranges: bytes
Content-Length: 42
Content-Type: application/json
Set-Cookie: TS01ce3b70=01ab350b1380a1d499b6b31bbd8fd165e9cea5e3b49f3bb2488ec38e985de0fb0f24c3aa51ce1302f1a6ded68aff123b1f26f4d34c; Path=/; HTTPOnly
{"some-data": "here"}
*******************
Also, I think you'll want to disable blocking in learning and blocking for dataguard information leakage. You'll actually get a block page instead of the masked data if block is set.
- Dave_McCauley_3Mar 17, 2019Cirrostratus
A side note, this would probably break anything calling that API that is trying to parse that as JSON. The iRule approach might be better since you can keep it as well-formatted JSON and not be at the mercy of ASM's masking. Potentially the PCRE expression could match the whole string but just replace the version part and keep the quotes.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com