Forum Discussion

Nimbostratus

Dec 09, 2013

Matching ASCII codes %00 - %1f in HTTP::uri

According to: http://www.w3schools.com/tags/ref_urlencode.asp "The ASCII device control characters %00-%1f were originally designed to control hardware devices. Control characters have nothing to...

application delivery

ascii device control characters

Nimbostratus

Dec 09, 2013

And actually, if you wanted to trap ALL of the control characters from %00 to %1f...

Note that %1, %2, etc would pass through unmatched as the regex is looking for percent, followed by single digit 0 or 1, followed by single digit 0 through 9 or a though f or A through F.

when HTTP_REQUEST {
    log local0. "Checking URI: [HTTP::uri]"
    if { [regexp {%[0-1][0-9a-fA-F]} [HTTP::uri]] } {
        log local0. "Illegal URI: Closing Connection."
        HTTP::close
        TCP::close
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Matching ASCII codes %00 - %1f in HTTP::uri

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

set TOKEN [getfield [HTTP::uri]

HTTP URI Replace/Redirect

Persist using a string in an HTTP URI

No matches under XML_CONTENT_BASED_ROUTING

Http Response Based On Requested Uri

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS