Forum Discussion
Joel_Breton
Nimbostratus
NimbostratusLTM Policy - Insert Header on Response
Hi all,
I'm having an issue with LTM policies to insert header on response. Here's the working configuration 1 policy with 3 rules
rules {
Pool1_rule {
actions {
0 {
forward
select
pool Pool1
}
1 {
http-header
response
insert
name Content-Security-Policy
value "frame-ancestors 'self';"
}
2 {
http-header
response
insert
name X-Content-Security-Policy
value "frame-ancestors 'self';"
}
}
conditions {
0 {
http-host
values { pool1.mysite.com }
}
}
}
Pool2_rule {
actions {
0 {
forward
select
pool Pool2
}
}
conditions {
0 {
http-host
values { pool2.mysite.com }
}
}
ordinal 1
}
Pool3_rule3 {
actions {
0 {
forward
select
pool pool3
}
conditions {
0 {
http-host
values { pool3.mysite.com }
}
}
ordinal 2
}
}
status published
strategy /Common/first-match
}
This Policy works because the headers are added in the first rule. If you change the order of the rules, for example add the headers in the second rule the headers are not added on the response.
rules {
Pool2_rule {
actions {
0 {
forward
select
pool Pool2
}
}
conditions {
0 {
http-host
values { pool2.mysite.com }
}
}
}
Pool1_rule {
actions {
0 {
forward
select
pool Pool1
}
1 {
http-header
response
insert
name Content-Security-Policy
value "frame-ancestors 'self';"
}
2 {
http-header
response
insert
name X-Content-Security-Policy
value "frame-ancestors 'self';"
}
}
conditions {
0 {
http-host
values { pool1.mysite.com }
}
}
ordinal 1
}
Pool3_rule3 {
actions {
0 {
forward
select
pool pool3
}
conditions {
0 {
http-host
values { pool3.mysite.com }
}
}
ordinal 2
}
}
status published
strategy /Common/first-match
}
Is this a limitation in LTM Policies?
Thanks,
- CharlesCS
Cirrus
In the working policy, the header-insert actions are taken when the HTTP Host is "pool1.mysite.com", but the host in the non-working policy is "pool2.mysite.com". Is this what you intended?
