Forum Discussion
Rachel
Nimbostratus
Apr 04, 2019
Need to reject traffic based on header names not values
We have a need to reject traffic based on the case of the header names not header values.
For example:
Let's say the header name is Trueheader. If a payload comes in with a header name of TRUEh...
Kai_Wilke
MVP
Apr 05, 2019
Hi Rachel,
to check if a given request contains a badly formatted HTTP header name, you may use the iRule below. It first checks if the request does not contain the correctly formatted Trueheader. If a correctly formatted Trueheader is not found, it continues to check if an otherwise formatted TrUeHeAdEr exists in the request. If an otherwise formatted TrUeHeAdEr is found, it will send an HTTP-400 bad request to the client...
when HTTP_REQUEST {
    # Reject only if the exact name "Trueheader" is absent while a
    # differently cased variant of it is present.
    if { ( [lsearch -exact [HTTP::header names] "Trueheader"] == -1 )
     and ( [lsearch -exact [string tolower [HTTP::header names]] "trueheader"] >= 0 ) } then {
        HTTP::respond 400 content "BAD REQUEST"
        return
    }
}
I guess it would also be a solution to transparently replace TrUeHeAdEr with Trueheader, isn't it? If so then you may check out the iRule below. Instead of sending an HTTP-400 bad request it will store the value of the otherwise formatted TrUeHeAdEr into a $trueheader variable, remove the TrUeHeAdEr and finally add a correctly formatted Trueheader with the value stored in the $trueheader variable.
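when HTTP_REQUEST {
    # Rewrite only if the exact name "Trueheader" is absent while a
    # differently cased variant of it is present.
    if { ( [lsearch -exact [HTTP::header names] "Trueheader"] == -1 )
     and ( [lsearch -exact [string tolower [HTTP::header names]] "trueheader"] >= 0 ) } then {
        # Save the value, drop the header, then re-insert it under the expected name.
        set trueheader [HTTP::header value "trueheader"]
        HTTP::header remove "trueheader"
        HTTP::header insert "Trueheader" $trueheader
    }
}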
Cheers, Kai
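A stricter variant of the first iRule, as an added example that is not part of Kai's post: it rejects the request if any header name matches Trueheader case-insensitively without being spelled exactly that way, which also covers a request that carries both a correct Trueheader and a differently cased copy. The variable names and the log line are assumptions made for this example.

```tcl
when HTTP_REQUEST {
    # Expected spelling of the header name (taken from the thread).
    set expected "Trueheader"

    # Inspect every header name in the request individually instead of
    # only asking whether the exact spelling occurs somewhere in the list.
    foreach name [HTTP::header names] {
        # Same name when case is ignored, but not the exact expected spelling.
        if { [string equal -nocase $name $expected] && ($name ne $expected) } {
            # Assumed logging choice: record the client and the offending
            # spelling so that rejected requests can be traced afterwards.
            log local0. "Rejected [IP::client_addr]: header name '$name' is not '$expected'"
            HTTP::respond 400 content "BAD REQUEST"
            return
        }
    }
}
```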
