Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Lemaire_Frédéri's avatar
Lemaire_Frédéri
Icon for Altostratus rankAltostratus
Sep 15, 2023

Is it possible to use the following Irule syntac with TCL in a policy ?

Hello, I've setup some code in an Irule . This concerns a code that will take the URI, within this uri, search for first directory in the path and put it tolower before sending it to the server. ...
application delivery
policy
tcl
JRahm's avatar
JRahm
Icon for Admin rankAdmin
Sep 18, 2023

HI Lemaire_Frédéri , conditions in policies don't accept Tcl expressions, only actions. If we could land on a single expression to accomplish this it might be possible, but anything requiring anything more than a cached value lookup in a policy sends me to an iRule outright by preference...your mileage may vary. To your block of code, you can simplify that to not set any variables at all (not as readable), and if you're always going to rewrite if it "isn't" lowercase, then you don't really need the condition and can just rewrite always, right? Anway...IF that's the case for this particular virtual server, THEN, you might yet be able to use a policy with this:

rewrite_first_path_segment {
    actions {
        0 {
            http-uri
            replace
            value "tcl:[string map [list [getfield [HTTP::uri] / 2] [string tolower [getfield [HTTP::uri] / 2]]] [HTTP::uri]]"
        }
    }
    ordinal 5
}

 Again, I'd go the iRule route here, but you can investigate from here with the policy.  A couple other solution options I was noodling on for fun:

# option 1 - close to your solution
set pathobj [getfield [HTTP::uri] "/" 2]
if { ![string equal $pathobj [string tolower $pathobj]] } {
    HTTP::uri [string map [list $pathobj [string tolower $pathobj]] [HTTP::uri]]
}

# option 2 - regex rewrite 
if { [regexp {^(/[^/]+)(/.*)?$} [HTTP::uri] -> pathobj remaining_uri] } {
    HTTP::uri [join [list [string tolower $pathobj] $remaining_uri] "/"]
}