Forum Discussion

Sajid's avatar
Sajid
Icon for Cirrostratus rankCirrostratus
Oct 03, 2019

Regexp for complex password

Hi Guys,

 

Need help for below regexp,

 

when HTTP_REQUEST_DATA {

  set payload [URI::decode [HTTP::payload]]

  regexp {^.*txtURL=([^&]+).*$} $payload -> gotURL

  regexp {^.*username=([^&]+).*$} $payload -> username

  regexp {^.*password=([^&]+).*$} $payload -> password

HTTP::release

}

 

works for simpel password, but facing issue with password having following characters

 

$,&, % etc.

 

sample string

--- <HTTP_REQUEST_DATA>: Payload is = username=apptest&password=1234&1abc&txtURL=https://trng.example.com:443/ssoman/c/SSA

 

 

Regards,

Sajid

application delivery
BIG-IP
iRules

2 Replies

Sort By
  • corrado's avatar
    corrado
    Icon for Altostratus rankAltostratus
    Oct 16, 2019

    This might work if there is always a field starting with &, like &txtURL, after the "password=" filed.

    I asslumed that since you use a regex that excludes character & , but as you said passwords containing character '&' will not be matched while using this regex you will always have "&" as a character after the password so everything but last & will match.

     

    ^.*password=(\K.*)&

  • Sajid's avatar
    Sajid
    Icon for Cirrostratus rankCirrostratus
    Oct 16, 2019

    Hi Corrado,

     

    Thanks for your response.

     

    Got this error,

     

     warning: ["\K" has no meaning. Did you mean "\\K" or "K"?][{^.*password=(\K.*)&}]

     

     

    Regards,

    Sajid