Forum Discussion

Nimbostratus

Dec 09, 2013

Matching ASCII codes %00 - %1f in HTTP::uri

According to: http://www.w3schools.com/tags/ref_urlencode.asp "The ASCII device control characters %00-%1f were originally designed to control hardware devices. Control characters have nothing to...

application delivery

ascii device control characters

Nimbostratus

Dec 09, 2013

I am not an expert-level iRuler at this point (yet), so someone may have a better, more direct answer, but... I would add the "log" lines below. The output will show in the "Local Traffic" log (or /var/log/ltm on the F5 itself). It will give you a better idea of what is going on.

I did find a package that is supposed to "test iRules" but it isn't quite very intuitive (from what I have seen so far).

when HTTP_REQUEST {
    log local0. "Checking URI: [HTTP::uri]"
    if { [HTTP::uri] contains "%00" } {
        log local0. "Illegal URI: Closing Connection."
        HTTP::close
        TCP::close
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Matching ASCII codes %00 - %1f in HTTP::uri

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

set TOKEN [getfield [HTTP::uri]

HTTP URI Replace/Redirect

Persist using a string in an HTTP URI

No matches under XML_CONTENT_BASED_ROUTING

Http Response Based On Requested Uri

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS