Forum Discussion

Nimbostratus

Dec 18, 2024

Irule using a data group to bypass header injection

Trying to do a basic irule that looks at a data group and bypasses the header injection based on the data group uris. Been messing with the below but getting multiple errors when adding the top lines...

Admin

Jan 01, 2025

Hi jcarpenter82

You are close, but missing a closing bracket on the first if statement, and you want return, not exit there. I think this is what you're after:

when HTTP_REQUEST {
    if { !([class match -- [string tolower [HTTP::path]] starts_with uribypass] || [HTTP::header exists "test-Proxied"]) } {
        HTTP::uri "/test[HTTP::uri]"
        HTTP::header insert test-Proxied 1
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Irule using a data group to bypass header injection

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Host header injection iRule

WAF evasion techniques for Command Injection

Header injection rule

Serverside SNI injection iRule

Mitigating OWASP Web Application Risk: Injection exploits using F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS