Forum Discussion

Nimbostratus

Oct 13, 2020

iRule to examine response HTML for image URLs

Hi, I'd like to write an iRule to scan a HTML response body for image tags and store all of the source URLs in a table. I understand that once I've fired a HTTP::collect in a HTTP_REQUEST event...

application delivery

iRules

Dario_Garrido

Noctilucent

Oct 19, 2020

Hello Gerhackett.

After collecting the HTTP payload, you can do something like this.

when HTTP_RESPONSE_DATA {
	set find "https?://.*.jpg"
	set indices [regexp -all -indices -inline $find [HTTP::payload]]
 
	foreach idx $indices {
		set start [ expr { [lindex $idx 0] } ]
		set end [expr { [lindex $idx 1] } ]
		log local0. "[substr [HTTP::payload] $start $end]"
	}
}

Modify the regex properly to match your goal. You can test your regex here:

https://regex101.com/

Regards,

Dario.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to examine response HTML for image URLs

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Introduction of Incident Response

F5 NGINX API Gateway: Simplify Response Manipulation

iRule to take cookie from HTTP Response into HTTP Request via table

iRule Interference: Custom Closes and Responses

iRule: modify uri and response

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS