
PG0581
Dec 16, 2022

iRule to filter on URIs and strings in the body of the payload

Hello, I am working on another iRule to filter on a couple of URIs and a couple of strings in the body of the payload when a POST is made from the client, and if these all match, drop.

So far, from what I have found in my search, I think I can use "HTTP::collect" and then "findstr [HTTP::payload]" to find the strings in the payload (I am also of the understanding that the string may not appear within the first 1 MB of the payload). I am just not sure whether what I posted below is going to work or not; it likely needs to be tweaked.

Any feedback would be appreciated! 

 

 

create ltm data-group internal uri-list records add { abc { } def { } } type string

when HTTP_REQUEST {
  # Only inspect POSTs whose URI contains a record from the uri-list data group
  if { [HTTP::method] eq "POST" and [class match [string tolower [HTTP::uri]] contains uri-list] } {
    # Collect the whole body when Content-Length is present and at most 1 MB; otherwise cap at 1 MB
    if { [HTTP::header "Content-Length"] ne "" and [HTTP::header "Content-Length"] <= 1048576 } {
      set content_length [HTTP::header "Content-Length"]
    } else {
      set content_length 1048576
    }
    # Check that $content_length is not 0 (nothing to collect)
    if { $content_length > 0 } {
      HTTP::collect $content_length
    }
  }
}
when HTTP_REQUEST_DATA {
  # Both strings must be present in the collected payload
  if { [HTTP::payload] contains "abc" and [HTTP::payload] contains "xyz" } {
    log local0. "Denied: [IP::client_addr] - [HTTP::uri]"
    HTTP::respond 403 content "Forbidden" "Content-Type" "text/html"
  }
}

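The decision logic of the rule above, modelled in Python so the expected verdicts can be checked offline; this is an added example, not part of the original post and not F5 code. The sample requests are constructed, the body length stands in for Content-Length, and `fail_closed` is a hypothetical hardening switch for bodies larger than the 1 MB collection cap.

```python
# Offline model of the filter logic (added example; not F5 code).
COLLECT_CAP = 1048576            # 1 MB cap, as in the iRule
URI_LIST = ("abc", "def")        # records of the uri-list data group
BODY_STRINGS = (b"abc", b"xyz")  # all must appear in the collected body


def collect_length(content_length):
    """Bytes the rule asks HTTP::collect for (None = header absent)."""
    if content_length is not None and content_length <= COLLECT_CAP:
        return content_length
    return COLLECT_CAP


def verdict(method, uri, body, fail_closed=False):
    """Return 'deny' or 'allow' for one request.

    fail_closed (hypothetical): deny listed-URI POSTs whose body exceeds
    the cap instead of inspecting only the first 1 MB.
    """
    if method != "POST":
        return "allow"
    # class match [string tolower [HTTP::uri]] contains uri-list
    if not any(rec in uri.lower() for rec in URI_LIST):
        return "allow"
    if fail_closed and len(body) > COLLECT_CAP:
        return "deny"
    n = collect_length(len(body))    # body length stands in for Content-Length
    if n == 0:
        return "allow"               # nothing to collect
    seen = body[:n]                  # only this prefix is ever inspected
    if all(s in seen for s in BODY_STRINGS):
        return "deny"
    return "allow"


# Constructed sample requests: (method, uri, body)
PAD = b"-" * COLLECT_CAP
SAMPLES = {
    "match": ("POST", "/ABC/upload", b"k=abc&v=xyz"),
    "one_string": ("POST", "/abc/upload", b"k=abc"),
    "other_uri": ("POST", "/home", b"k=abc&v=xyz"),
    "get": ("GET", "/abc/upload", b""),
    "past_cap": ("POST", "/def/x", b"abc" + PAD + b"xyz"),
}

if __name__ == "__main__":
    for name, req in SAMPLES.items():
        print(name, verdict(*req), verdict(*req, fail_closed=True))
```

The `past_cap` sample is the case the post mentions: the second string sits beyond the first 1 MB, so the rule as written allows the request unless oversize bodies are rejected outright.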