Forum Discussion

Nimbostratus

Jun 16, 2020

Irule to make HTTP request size compliant with header

Hello, I need to implement in F5 is a possibility to reject an HTTP request in case the size of the request is not corresponding to the Content-Length of the header. I cannot use ASM for ...

Employee

Jun 21, 2020

what you are trying to do will work with GET but you may wish to consider POST, where you will have to use HTTP::collect and use HTTP::payload length.

For use with GET, you can simply use string length:

when HTTP_REQUEST {
  if { [expr {  [string length [HTTP::request]] eq ne expr [HTTP::header "Content-Length"]} {
    reject
  }
 }

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Irule to make HTTP request size compliant with header

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

NGINX Plus R35 for Federal Environments: FIPS-Compliant algorithms with ACME Certificates in AWS

APM HTTP Connector request and HTTP Headers

A basic OWASP 2017 Top 10-compliant declarative WAF policy

Example OWASP Top 10-compliant declarative WAF policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS