Forum Discussion
Gustavo_Lazarte
Nimbostratus
NimbostratusModifying Header Location
We are having problems passing a security audit because IIS 5 shows the name of the servers when it does a redirection on the location part of the header. The problems is when we hit a redirect (302 Object Moved) message and we get the Location: \server01\location\. I was able to block the Location on the 302 messages but I run in to another problem. Our site have 3 redirects that also send a 302 message to the clients but in this case Location \server01\application?value=1010. So we would like to keep blocking the \server01\location\ and rewrite the Location header on the correct requests \www.website.com\application?value=1010. Is there a better way to go around this issue?
Another solution would be to change the /server1/test or server02/test value to www.website.com/test on the header
Thanks
15 Replies
Nicolas_MenantEmployee
Hi,
You should have a look here: Click here
It is a similar request (a little more complicated in fact) that should help you to resolve yours.
HTH
N.
Gustavo_LazarteIt worked great and tested correctly. Now I been trying to make it work with the 7 different servers \server01\ to \server07\. Is there a better way to do this besides just doing if.....elseif statements seven times?
Thanks for your help- Nicolas_MenantYou should have a look at the switch command: Click here
- Gustavo_LazarteHere is an example
when HTTP_RESPONSE {
if { [HTTP::status] contains "302"} && [string tolower [HTTP::header Location]]contains "server01" }
then {HTTP::header replace Location [string map -nocase {"server01" "www.site.com"} [HTTP::header Location]] }
elseif { [HTTP::status] contains "302" && [string tolower [HTTP::header Location]]contains "server02" }
then {HTTP::header replace Location [string map -nocase {"server02" "www.site.com"} [HTTP::header Location]] }
elseif { [HTTP::status] contains "302" && [string tolower [HTTP::header Location]]contains "server03" }
then {HTTP::header replace Location [string map -nocase {"server03" "www.site.com"} [HTTP::header Location]] }
again thanks for your help - Nicolas_MenantHi,
Should looks like this (i didn't tested the syntax):when HTTP_RESPONSE { if { [HTTP::status] contains "302"} { switch [string tolower [HTTP::header Location]] { "server01" { HTTP::header replace Location [string map -nocase {"server01" "www.site.com"} [HTTP::header Location]] } "server02" { HTTP::header replace Location [string map -nocase {"server02" "www.site.com"} [HTTP::header Location]]} "server03" { HTTP::header replace Location [string map -nocase {"server03" "www.site.com"} [HTTP::header Location]] } } } } - Nicolas_MenantYou should even be able to make it like this:
when HTTP_RESPONSE { if { ([HTTP::status] contains "302") and ([string tolower [HTTP::header Location]] contains "server")} { HTTP::header replace Location [string map -nocase {"server01" "www.site.com" "server02" "www.site.com" "server03" "www.site.com" } [HTTP::header Location]] } } - Since you are testing the entire location header for server01, server02, or server03, why the need for a string map? Wouldn't the following do the same thing? Oh, and you might want to change the string comparison for the HTTP::status compare to a numeric equals as that will perform faster.
when HTTP_RESPONSE { if { [HTTP::status] == 302 } { switch [string tolower [HTTP::header Location]] { "server01" - "server02" - "server03" { HTTP::header replace Location "www.site.com" } } } }
-Joe - *Note, this does an exact comparison for the values of serverXX as the Location header. If you really want to do a "contains", you could use -glob with the switch and add asterisks to the beginning and end of the comparison strings.
-Joe - Nicolas_MenantAgree i just created the switch code without thinking optimization ... my mistake!
- Gustavo_Lazartefor some reason the switch command is not doing the change on the location header value, any reasons?
thanks
