Forum Discussion
NimbostratusRemove values in the payload
AdminTry this stream profile on your virtual server:
ltm profile stream pantest_stream {
app-service none
chunking enabled
defaults-from stream
target @<pan>(.*\?)<\\/pan>@@
}My test request on the clientside of BIG-IP:
And on the server-side:
Ignore the card(n) and string(n)...I added those while troubleshooting my failed attempts! 🙂
NimbostratusHello, JRahm Thanks again for your reponse, you are so warm hearted.
I didn't find the way your created stream.
ltm profile stream pantest_stream {
app-service none
chunking enabled
defaults-from stream
target @<pan>(.*\?)<\\/pan>@@
}
I've tried my side with graphic configuration stream as below:
source I put '<pan>(.*\?)<\\/pan>', and nothing for target. chunk deactivated.
and then activate this stream profile dans virtuel server like this:
After that I checked the data receieved on the server side, it doesn't change anything. There is still 'pan'. Do I miss anything?
PS: 'plainPanRemoved' is done by our app to remove sensitive data.
I also tried with iRules, the back-end throws directly 'Error reading XMLStreamReader'.
when HTTP_REQUEST {
# Verify Content-length, POST, URI
if { [HTTP::header exists Content-length] and [HTTP::method] equals "POST" and [string tolower [HTTP::uri]] contains "/endPointName"}{
# Verify if the request is CreateWalletReq
if { [HTTP::payload] contains "<CreateWalletReq"} {
# Remove PAN
STREAM::expression {@<pan>(.*\?)<\\/pan>@@}
STREAM::enable
}
}
}
when HTTP_RESPONSE {
STREAM::disable
}
Thanks again.
- JRahm
If entering the string in the GUI, you shouldn't need the additional backslash, it should just be:
@<pan>(.*\?)<\/pan>@@If you are NOT needing the plainPan tags (and enclosed content) removed, then this is not what you want. You will likely just want:
@<pan>@@ @<\/pan>@@
