Forum Discussion

veredgf_96123's avatar
veredgf_96123
Icon for Nimbostratus rankNimbostratus
May 22, 2018

irule to limit parameter and it's values on certain URL

Hi,

 

I need help with an iRule for the following situation -

 

This specific ASM policy has no URL limits (set to WC), but there is a certain URL that we need to have enabled only for the following situation - a single parameter with two values. I need to disable all other options for this URL - i.e., to disallow all other parameters and for that specific parameter to enable only these two values.

 

I have a prepared ASM violation that I want to raise for this particular event.

 

Any ideas?

 

Thanks :-D

 

Vered

 

  • Hi,

    You can insert an irule within HTTP or ASM events to make sure that your requirement is respected :

    when HTTP_REQUEST {
        if { [HTTP::path] eq "/x/y/z" } {
            set param1 [URI::query [HTTP::uri] param1]
            set param_array [split [regsub -all {&=|&$} [URI::decode [URI::query [HTTP::uri]]] {}] "&"]
            set param_count [llength $param_array]
            if { !(($param1 eq "value1" or $param1 eq "value2") and ($param_count == 1)) } {
                 drop, reject, generate ASM violation, ...
            }
        } 
    }
    

    Regards

    Yann