Forum Discussion
Darren_Young_10
Nimbostratus
NimbostratusRemove headers on GET vs. POST
How could I remove headers on a GET vs. a POST request?
7 Replies
hoolioCirrostratus
Hi Darren,
You can check the request method using HTTP::method, get a list of the headers using 'HTTP::header names' and remove an HTTP header using 'HTTP::header remove'.
http://devcentral.f5.com/wiki/default.aspx/iRules/http
Do you want to remove all HTTP headers from just GET requests? Or can you clarify?
Thanks,
Aaron
Darren_Young_10We have this one app behind the F5's the we need to remove Cache-Control and Pragma from on a certain set of GET requests. The vendor has also identified what we can search for on the uri for the removal.
Vendor is sending an HTML doc with an XLS extension and they're forcing Cache-Control and Pragma to a point where it won't work over SSL to IE.- hoolioYou can check the request method and URI in HTTP_REQUEST and then set a variable to track that you want to remove the Cache-Control and Pragma headers from the response. I'm not sure whether you only want to check GETs or POSTs, but here's an example which checks POSTs:
when HTTP_REQUEST { set remove_headers 0 if {[HTTP::path] contains "some/string"}{ if {[HTTP::method] eq "POST"}{ set remove_headers 1 } } } when HTTP_RESPONSE { if {$remove_headers}{ HTTP::header remove Cache-Control HTTP::header remove Pragma } }
Aaron - Darren_Young_10Thanks a bunch, that's (mostly) what I had going. I'm discovering how rusty my tcl is now...
Perhaps you can answer, the paths the app has have been defined and there are several of them I need to evaluate. In Perl, I would have:
my @paths = ('path1', 'path2', 'path3');
foreach my $path (@paths) {
do_something($path);
}
From what I've read tcl arrays are not what I'm used to in Perl. Any idea what tcl equivalent is to that type of operation? - hoolioIf you want to check for multiple paths you can use a switch statement:
http://www.tcl.tk/man/tcl8.4/TclCmd/switch.htmwhen HTTP_REQUEST { set remove_headers 0 Check the requested path switch -glob [HTTP::path] { "/path1/*" - "*/path2/" - "*/path3/*" { if {[HTTP::method] eq "POST"}{ set remove_headers 1 } } } } when HTTP_RESPONSE { if {$remove_headers}{ HTTP::header remove Cache-Control HTTP::header remove Pragma } }
The -glob flag in combination with the * wildcard means the first check is if the path starts with /path1/, the second is if the path ends with /path2/ and the third is if the path contains /path3/.
If you did want to do something to a set of strings, you could use a list and a foreach loop:set paths [list path1 path2 path3] foreach path $paths { do something }
There are arrays in TCL if you want to use one:
http://www.tcl.tk/man/tcl8.4/TclCmd/array.htm
Aaron - Darren_Young_10Working perfectly now, thanks.
Perhaps I should start a new thread for this, but I'll ask here first.
Is there any way to detect the port of the member server that a request would be sent to? In this case, only members that are non SSL (port 80) should have the headers removed. If the member is SSL enabled we don't hit the problem with the app.
At this point I would be happy with checking member port 80 vs. 443 to determine if it's an SSL back-end. Rather than actually connecting to the back-end to test that condition (like see if there's a cert installed, etc). - hoolioYou can check the port in HTTP_RESPONSE using TCP::server_port:
when HTTP_REQUEST { set remove_headers 0 Check the requested path switch -glob [HTTP::path] { "/path1/*" - "*/path2/" - "*/path3/*" { if {[HTTP::method] eq "POST"}{ set remove_headers 1 } } } } when HTTP_RESPONSE { if {$remove_headers && [TCP::server_port] != 443}{ HTTP::header remove Cache-Control HTTP::header remove Pragma } }
You can use PROFILE::exists serverssl to check for a server SSL profile on the VIP, but I think this is a more expensive operation than checking the TCP port.
Aaron
