For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Rachel's avatar
Rachel
Icon for Nimbostratus rankNimbostratus
Apr 04, 2019

Need to reject traffic based on header names not values

We have a need to reject traffic based on the case of the header names not header values.   For example: Let's say the header name is Trueheader. If a payload comes in with a header name of TRUEh...
devops
iRules
LTM
security
rob_carr's avatar
rob_carr
Icon for Cirrocumulus rankCirrocumulus
Apr 04, 2019

Yes, you can do this, via the HTTP::header names command, which returns a list of headers in the request or response, and then iterate through the list using the HTTP::headers count command and lindex.

 

I'm not sure about the overall efficiency (you'd have to test), but I would extract the list of header names, and make a lowercase comparison to your check value (e.g. 'trueheader') if and only if that comparison was valid, I would make a second check, comparing the actual case of the header name your your check value. If you match on the lowercase comparison, but not the actual case comparison, you know that you've come across a variant form of your header name and you can reject the configuration.