For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ckteur's avatar
ckteur
Icon for Cirrus rankCirrus
Apr 29, 2021
Solved

Replace an header authorization request with policy or iRule doesn't work ...

Hi all,

 

I need to replace an header in request : the original header is "X-epsilon-Authorization" and the new header is "Authorization".

I don't know if the value of header is necessary but is the same : "Basic xxxx"

 

I try it with Policy:

 

Condition

"HTTP HEADER" named "X-epsilon-Authorization" "is" "any of" "Basic XXXX" at "request"

 

Action

"Remove" "http header" named "X-epsilon-Authorization" at "request"

"Insert" "http header" named "Authorization" with value "Basic XXX" at "request"

 

I try also witch iRule:

 

-----------------------------------------------

when HTTP_REQUEST {

 

   if { [HTTP::header] eq "X-epsilon-Authorization" } {

      HTTP::header replace "Authorization"

   }

 }

------------------------------------------------

 

It doesn't work with iRule or Policy ..... Can anyone help me ?

 

Thanks !

application delivery
BIG-IP
iRules
  • spalande's avatar
    spalande
    Apr 29, 2021

    Try below. Modify the names of the header if needed. You can enable logging to see if it's replacing as expected.

     

    when HTTP_REQUEST {
if { [HTTP::header exists "X-epsilon-Authorization"] } {
set value [HTTP::header value X-epsilon-Authorization]
HTTP::header remove X-epsilon-Authorization
HTTP::header insert Authorization $value
} else {
 return
 }
 foreach aHeader [HTTP::header names] {
  # log local0. "$aHeader: [HTTP::header value $aHeader]"
      }
}

     

     

5 Replies

  • spalande's avatar
    spalande
    Icon for Nacreous rankNacreous
    Apr 29, 2021

    Try below. Modify the names of the header if needed. You can enable logging to see if it's replacing as expected.

     

    when HTTP_REQUEST {
if { [HTTP::header exists "X-epsilon-Authorization"] } {
set value [HTTP::header value X-epsilon-Authorization]
HTTP::header remove X-epsilon-Authorization
HTTP::header insert Authorization $value
} else {
 return
 }
 foreach aHeader [HTTP::header names] {
  # log local0. "$aHeader: [HTTP::header value $aHeader]"
      }
}

     

     

    • ckteur's avatar
      ckteur
      Icon for Cirrus rankCirrus
      Apr 30, 2021

      Hi SanjayP,

       

      Thanks for reply !

      I try the irule but that return an error: "01070151:3: Rule [/Common/A_irule] error: /Common/A_irule:2: error: [parse error: PARSE syntax 33 {syntax error in expression " HTTP::header exists X-mafrenchbank-Authorization ": variable references require preceding $}][{ HTTP::header exists X-mafrenchbank-Authorization }]"

       

      Thanks

      • ckteur's avatar
        ckteur
        Icon for Cirrus rankCirrus
        Apr 30, 2021

        It works !!

         

        Just the hooks were missing [HTTP::header exists "X-epsilon-Authorization"]

        The irule run perfectly and the value of Header has been changed.

         

        Thanks a lot and have a good day !