Forum Discussion

David_Landry
Jan 24, 2012

Need help with writing an iRule to remove jsession URI content

I've got a lovely challenge where I need to remove the jsessionid content from a URI.

https://test.com/web/tabs;jsessionid=07E052F5D

This would be on the server back to the client so I'm thinking I can use an HTTP_RESPONSE event. I just don't know the easiest way to remove that content.

Any help would be appreciated :)

 

  • Not sure if I understand correctly. Anyway, I assume the URI is in the response content and the jsessionid length is fixed. Please feel free to revise.

    [root@ve1023:Active] config # b virtual bar list
    virtual bar {
       snat automap
       pool foo
       destination 172.28.19.79:80
       ip protocol 6
       rules myrule
       profiles {
          http {}
          stream {}
          tcp {}
       }
    }
    [root@ve1023:Active] config # b pool foo list
    pool foo {
       members 200.200.200.101:80 {}
    }
    [root@ve1023:Active] config # b rule myrule list
    rule myrule {
       when HTTP_REQUEST {
          # Keep the stream filter off for requests and ask the server for
          # uncompressed responses so the content can be rewritten
          STREAM::disable
          HTTP::header remove "Accept-Encoding"
       }

       when HTTP_RESPONSE {
          # Only rewrite text responses
          if {[HTTP::header value Content-Type] contains "text"}{
             # Replace ;jsessionid= plus 9 word characters with nothing
             STREAM::expression {@;jsessionid=\w{9}@@}
             STREAM::enable
          }
       }
    }
    
    [root@ve1023:Active] config # curl -i http://200.200.200.101/test.html
    HTTP/1.1 200 OK
    Date: Tue, 24 Jan 2012 16:02:43 GMT
    Server: Apache/2.2.3 (CentOS)
    Last-Modified: Tue, 24 Jan 2012 15:58:04 GMT
    ETag: "4183f2-a5-36565b00"
    Accept-Ranges: bytes
    Content-Length: 165
    Set-Cookie: BROWSER=MOZILLA%20INTERNET_EXPLORER%20CHROME; path=/
    Content-Type: text/html; charset=UTF-8
    
    ...
    https://www.google.com/
    https://test.com/web/tabs;jsessionid=07E052F5D
    https://www.yahoo.com/
    ...
    
    [root@ve1023:Active] config # curl -i http://172.28.19.79/test.html
    HTTP/1.1 200 OK
    Date: Tue, 24 Jan 2012 16:02:46 GMT
    Server: Apache/2.2.3 (CentOS)
    Last-Modified: Tue, 24 Jan 2012 15:58:04 GMT
    ETag: "4183f2-a5-36565b00"
    Accept-Ranges: bytes
    Set-Cookie: BROWSER=MOZILLA%20INTERNET_EXPLORER%20CHROME; path=/
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    
    ...
    https://www.google.com/
    https://test.com/web/tabs
    https://www.yahoo.com/
    ...
    
  • Can you just remove it from the requested URI? If so, you can use an iRule like this:

    
    when HTTP_REQUEST {

       # Check if the path contains a jsessionid
       if {[HTTP::path] contains ";jsessionid="}{

          # Split the path on the jsession ID and update it to the first field
          HTTP::path [getfield [HTTP::path] ";jsessionid=" 1]
       }
    }
    

    Or if you need to hide the JSESSIONID from the client you'd need to rewrite the response content using a stream profile and STREAM::expression iRule. You could use a STREAM::expression like:

    STREAM::expression {@;[jJ][sS][eE][sS][sS][iI][oO][nN][iI][dD]=[a-zA-Z0-9]*@@}

    http://devcentral.f5.com/wiki/iRules.stream__expression.ashx

    Aaron

  • Nice one Nitass 🙂

    David, here are a couple of small suggestions:

    If the JSESSIONID is in mixed case and/or the value can be more than 9 hex characters you could use the stream expression from my example. Also, you might need to remove the JSESSIONID from redirects. If so, you can add this to Nitass's example in HTTP_RESPONSE:

    
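    # Check if response is a redirect and the Location header has a jsessionid
    if {[HTTP::is_redirect] and [string tolower [HTTP::header Location]] contains ";jsessionid="}{

       # Remove ;jsessionid= up until a ? which starts the query string.
       # Skip count 0 keeps ";jsessionid=" in the text returned by findstr, and
       # -nocase maps the lowercased match back onto the original header value.
       HTTP::header replace Location [string map -nocase [list [findstr [string tolower [HTTP::header Location]] ";jsessionid=" 0 "?"] ""] [HTTP::header Location]]
    }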
    

    Aaron
  • Ok great thanks guys :). I'll give those a try this week. The concern is they don't want any JSESSION information in the URL due to a potential issue.

    I have a feeling the requirement is to remove the JSESSION data from the response content but I should know more this afternoon. I've never messed with stream profiles so this would be a first.

    Thanks,
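
An offline check of the two stream expressions quoted in the thread, added here as an example and not part of any post: it applies each pattern to constructed URLs and reports any part of the session ID that survives the rewrite. It assumes Python's `re` matches these simple patterns the same way the stream filter does; the `LOCATION` pattern, the helper names and the 32-character ID are hypothetical.

```python
import re

# Regex bodies of the two STREAM::expression values quoted in the thread; the
# @find@replace@ wrapper is dropped because the replacement is empty.
# Assumption: Python's re matches these simple patterns like the stream filter.
FIXED_LEN = re.compile(r";jsessionid=\w{9}")
ANY_LEN = re.compile(r";[jJ][sS][eE][sS][sS][iI][oO][nN][iI][dD]=[a-zA-Z0-9]*")
# Hypothetical pattern for redirects: cut the parameter at '?', '#' or the end.
LOCATION = re.compile(r";jsessionid=[^?#]*", re.IGNORECASE)

# Constructed samples: (URL as it appears in a response, its session ID).
SAMPLES = [
    ("https://test.com/web/tabs;jsessionid=07E052F5D", "07E052F5D"),
    ("https://test.com/web/a;jsessionid=0123456789ABCDEF0123456789ABCDEF?x=1",
     "0123456789ABCDEF0123456789ABCDEF"),
    ("https://test.com/web/b;JSESSIONID=07E052F5D", "07E052F5D"),
]

def rewrite(pattern, text):
    """Delete every match, as a stream expression with empty replacement does."""
    return pattern.sub("", text)

def leftover(rewritten, session_id, min_len=4):
    """Longest suffix of session_id (>= min_len chars) still in the output."""
    for start in range(len(session_id) - min_len + 1):
        if session_id[start:] in rewritten:
            return session_id[start:]
    return ""

def audit(pattern):
    """Return [(rewritten_url, leaked_fragment)] for each constructed sample."""
    return [(rewrite(pattern, url), leftover(rewrite(pattern, url), sid))
            for url, sid in SAMPLES]

def strip_location(location):
    """Remove the jsessionid path parameter from a Location header value."""
    return LOCATION.sub("", location, count=1)

if __name__ == "__main__":
    for name, pattern in (("fixed 9 chars", FIXED_LEN), ("any length", ANY_LEN)):
        for url, leak in audit(pattern):
            print(f"{name:14} {url}  leaked={leak or '-'}")
    print(strip_location("https://test.com/web/tabs;jsessionid=07E052F5D?next=/home"))
```

With the fixed-length pattern, the tail of a longer ID stays glued to the path and an upper-case `;JSESSIONID=` passes through untouched; the any-length, case-tolerant pattern leaves neither.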