For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Parveez_70209's avatar
Parveez_70209
Icon for Nimbostratus rankNimbostratus
Jul 31, 2014

Query Related to HTTP GET and HTTP POST

Hi Team,

 

Got a query related to HTTP GET and HTTP POST

 

For this requirement we need to know is LTM URL blocking can access POST data ?

 

For a sample Irule, pasted below: URL Blocking,

 

when HTTP_REQUEST priority 400 { log local0. "Uri is [HTTP::uri]" if {[HTTP::uri] contains "index.rss" } { HTTP::close

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/$" } { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/%"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/_"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/-"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/~"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "//"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/admin"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] starts_with "/web.config"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[HTTP::uri] equals "/console"} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return } elseif {[matchclass [HTTP::uri] contains $::xyz_admin_paths]} { HTTP::redirect "http://www.xyz.com/us/en/"

 

log local0. "matched URI [HTTP::uri]"

return }

 

}

 

We are using all HTTP GET, let’s say GET data is all into the URI but POST data is not available in URI correct ?

 

We need to know whether the LTM URL Blocking can access POST Data, if yes how will it look like.

 

Regards

 

3 Replies

  • Stefan_Klotz's avatar
    Stefan_Klotz
    Icon for Cumulonimbus rankCumulonimbus
    Aug 01, 2014

    Hi Parveez,

     

    correct a HTTP Post request doesn't include its data in the URI, but in the content of your request. How does your POST-request looks like and which values from it do you need to verify and make conditions from?

     

    Also your iRule example with lots of elseif cases should be optimized with a switch-case and can also be summarized as the redirect is always the same.

     

    Ciao Stefan :)

     

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Aug 04, 2014

    If I may add, a POST can indeed have data in its URI. It's rare of course, but there's nothing to prevent it. In any case, the GET and POST are HTTP methods, but you're only ever evaluating the HTTP::uri in your conditions, which are available to all HTTP methods.

     

  • Parveez_70209's avatar
    Parveez_70209
    Icon for Nimbostratus rankNimbostratus
    Aug 09, 2014

    Hi Kevin and Stefan,

     

    Thank you for looking into the query.

     

    Will work from our end and let you know further queries related to this.

     

    Thanks and Regards Parveez