For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ryan_Chin_80280's avatar
Ryan_Chin_80280
Icon for Nimbostratus rankNimbostratus
Aug 19, 2005

Multiple redirect/respond invocations not allowed

Hi Guys,

 

 

Need some help on a iRule i wrote, would appreciate if anyone can shed some light on what is wrong with it.

 

 

The iRule below is trying to do 3 things.

 

1) redirect all traffic to https

 

2) if user trys to access a specific URI '/exchange/customerservice', it will redirect back to /exchange

 

3) if user not does key in the URI '/exchange', it will redirect user to it.

 

 

=====================================================================

 

when HTTP_REQUEST {

 

redirect all traffic to https

 

if {[TCP::local_port] != "443"} {

 

HTTP::redirect https://[HTTP::host]/exchange

 

}

 

evaluate characters as lower case

 

Pass characters back to server in lower case

 

set my_uri [string tolower [HTTP::uri]]

 

log local0. "the uri is $my_uri"

 

if { $my_uri starts_with "/exchange/customerservice" } {

 

redirect to HTTPS on matching URI

 

HTTP::redirect https://[HTTP::host]/exchange

 

}

 

redirect if user does not key in exchange

 

if { [HTTP::uri] == "/" } {

 

HTTP::redirect https://[HTTP::host][HTTP::uri]/exchange

 

}

 

}

 

=====================================================================

 

 

The rule seems to be working, it was doing all the above, however, i keep seeing the error message below in my ltm log file. Anyone has any idea? Thanks alot!

 

=====================================================================

 

Aug 19 10:34:50 tmm tmm[707]: 01220001:3: TCL error: Rule GIOWA_filter - Operation not supported. Multiple redirect/respond invocations not allowed (line 15) invoked from within "HTTP::redirect https://[HTTP::host][HTTP::uri]/exchange"

 

=====================================================================
application delivery
dev
devops
iRules

1 Reply

  • Erick_Hammersm1's avatar
    Erick_Hammersm1
    Historic F5 Account
    Aug 19, 2005
    Since the rule will always evaluate each conditional, a single request could result in multiple HTTP::redirect statements. For example, a request for http://www.abc.com/ would match both the TCP::local_port != 443 and the HTTP::uri == "/" conditions. This rule will not encounter this problem:

    when HTTP_REQUEST {
   if {[TCP::local_port] != "443"} {
      HTTP::redirect https://[HTTP::host]/exchange
   } else {
      set my_uri [string tolower [HTTP::uri]]
      if { $my_uri starts_with "/exchange/customerservice" } {
         HTTP::redirect https://[HTTP::host]/exchange
      } elseif { $my_uri eq "/" } {
         HTTP::redirect https://[HTTP::host][HTTP::uri]/exchange
      }
   }
}

    Of course, I am making some assumptions about exactly what behavior you are looking for, but you should be able to rearrange this framework to achieve whatever logic you need.