Russell_E_Glaue
Dec 09, 2013Nimbostratus
Matching ASCII codes %00 - %1f in HTTP::uri
According to: http://www.w3schools.com/tags/ref_urlencode.asp
"The ASCII device control characters %00-%1f were originally designed to control hardware devices. Control characters have nothing to do inside a URL."
A vendor software has a bug that actually interprets %00-%1f and does some fateful things on the system as a result. I have the vendor software behind the LTM, and want to close the TCP connection for all URLs with these ASCII codes, particularly "%00".
What is the best approach to do this? I tried the below block of code, but the request with "%00" in the URI is not being caught in the IF statement.
when HTTP_REQUEST {
if { [HTTP::uri] contains "%00" }{
HTTP::close
TCP::close
}
}