Forum Discussion
Remove values in the payload
I'm not sure I follow exactly, are you trying to do this:
<card>
<expDate>[string]</expDate>
<plainPan>[string?]</plainPan>
</card>
<card>
<expDate>[string]</expDate>
<plainPan>[string?]</plainPan>
</card>
or this:
<card>
<expDate>[string]</expDate>
</card>
<card>
<expDate>[string]</expDate>
</card>
If the first, you can do that with a simple stream profile:
ltm profile stream pan_test_stream {
app-service none
defaults-from stream
target "@<pan>@@ @</pan>@@"
}
If the latter, an html content profile should work, but I haven't done that before. Something to look into before thinking about regex.
Hello JRahm, Thanks for your response.
What I want to do is the second one as you mentioned.
I have tried 'html content' with this article https://support.f5.com/csp/article/K99872325, it doesn't work. It seems that 'html content profile' is only for modify HTML content sent in responses from the back-end servers.
What I want is to modify the request . Do you have any suggestion about that?
By the way, the request is in the format xml SOAP as below:
<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
<Body>
<cardsData>
<card>
<expDate>[string]</expDate>
<pan>
<plainPan>[string?]</plainPan>
</pan>
</card>
<card>
<expDate>[string]</expDate>
<pan>
<plainPan>[string?]</plainPan>
</pan>
</card>
can exist serveral cards
</Body>
</Envelope>
Thank you in advance.
- JRahmJun 13, 2022Admin
Yeah, I found that out myself on the HTML profile, couldn't get it to work on request traffic. What's your virtual server setup look like regarding profiles? Might need to do some payload manipulation in iRules.
- JRahmJun 13, 2022Admin
Try this stream profile on your virtual server:
ltm profile stream pantest_stream { app-service none chunking enabled defaults-from stream target @<pan>(.*\?)<\\/pan>@@ }
My test request on the clientside of BIG-IP:
And on the server-side:
Ignore the card(n) and string(n)...I added those while troubleshooting my failed attempts! 🙂
- Louis27Jun 14, 2022Nimbostratus
Hello, JRahm Thanks again for your reponse, you are so warm hearted.
I didn't find the way your created stream.
ltm profile stream pantest_stream { app-service none chunking enabled defaults-from stream target @<pan>(.*\?)<\\/pan>@@ }
I've tried my side with graphic configuration stream as below:
source I put '<pan>(.*\?)<\\/pan>', and nothing for target. chunk deactivated.
and then activate this stream profile dans virtuel server like this:
After that I checked the data receieved on the server side, it doesn't change anything. There is still 'pan'. Do I miss anything?
PS: 'plainPanRemoved' is done by our app to remove sensitive data.
I also tried with iRules, the back-end throws directly 'Error reading XMLStreamReader'.
when HTTP_REQUEST { # Verify Content-length, POST, URI if { [HTTP::header exists Content-length] and [HTTP::method] equals "POST" and [string tolower [HTTP::uri]] contains "/endPointName"}{ # Verify if the request is CreateWalletReq if { [HTTP::payload] contains "<CreateWalletReq"} { # Remove PAN STREAM::expression {@<pan>(.*\?)<\\/pan>@@} STREAM::enable } } } when HTTP_RESPONSE { STREAM::disable }
Thanks again.- JRahmJun 14, 2022Admin
If entering the string in the GUI, you shouldn't need the additional backslash, it should just be:
@<pan>(.*\?)<\/pan>@@
If you are NOT needing the plainPan tags (and enclosed content) removed, then this is not what you want. You will likely just want:
@<pan>@@ @<\/pan>@@
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com