Forum Discussion

Muhannad's avatar
Muhannad
Icon for Cirrus rankCirrus
Aug 24, 2020

Rewrite JSON value.

Dear Experts,

 

I need to ask if is it possible to inject a value "deviceName": "ESSApp" in the JSON content below if i got the following value in the "formName": "P59MBLVR_W59MBLVRE" value, in mean rerwite the http request when it is forwarded to the real application server (node).

 

POST /xxx/formservice HTTP/1.1

Content-Type: application/json; charset=utf-8

Content-Length: 1127

Expect: 100-continue

Host: xxx:7003

 

{"token":"044kNJzsQNJJnQ86kw3bkBeWcNRoA8MdJ6wczvYhBbQ77Q=MDE5MDA2MjU3MjM2MDc5NDk0ODQ0MTEwNkVTU0FwcDE1OTgyNTA3ODAwNDU=","formActions": [        {      "command": "SetControlValue",      "value": "ESS",      "controlID": "15"    },        {      "command": "SetControlValue",      "value": "",      "controlID": "19"    },     {      "command": "SetControlValue",      "value": "90013234",      "controlID": "29"    },    {      "command": "SetControlValue",      "value": "24/08/2020",      "controlID": "21"    },    {      "command": "SetControlValue",      "value": "120000",      "controlID": "25"    },    {      "command": "SetControlValue",      "value": "30",      "controlID": "35"    },        {      "command": "SetControlValue",      "value": "01",      "controlID": "33"    },    {"command": "DoAction",      "controlID": "11"}   ],   "formName": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37"  }

application delivery
iRules
LTM
  • Simon_Blakely's avatar
    Simon_Blakely
    Icon for Employee rankEmployee
    Aug 24, 2020

    You can do this in an irule with the STREAM profile, or collect the payload parse it and rewrite it.

     

    The question is how much parsing of the content is required to make the insertion safe.

     

    Please provide an example of the incoming and outgoing content.

  • Muhannad's avatar
    Muhannad
    Icon for Cirrus rankCirrus
    Aug 25, 2020

    Hi Simon,

     

    Thanks for your kind help.

     

    I have collected some captures to show you how is the flow:

     

    The client request a token:

    POST /xxx/v2/tokenrequest/ HTTP/1.1

    Authorization: Basic Q1NTUE9SVEFMOnBydHVzcl81MzE=

    Content-Type: application/json

    Content-Length: 23

    Host: xxx:7003

     

    {"deviceName":"ESSApp"}

    HTTP/1.1 200 OK

     

    Date: Tue, 25 Aug 2020 07:46:27 GMT

    Content-Length: 680

    Content-Type: application/json; charset=UTF-8

    Access-Control-Allow-Methods: GET, POST, OPTIONS

    Set-Cookie: JSESSIONID=12UklSL6A3BL2RYaOwxuAb0E35FhInJQPDhX13PQgrej7jYI2T40!-976037407; path=/jderest; HttpOnly

    Access-Control-Allow-Origin: *

     

    {"username":"CSSPORTAL","environment":"JPD920","role":"*ALL","jasserver":"http://HQOWL2:8005","userInfo":{"token":"0445GZVPRIhb9rtxHtxl9HfKVaikQpPgw2BdIQ5BEGz8tQ=MDE5MDA2MTk4OTM5NzkwMjk4NzA4MjkwNEVTU0FwcDE1OTgzNDE1ODc3MDU=","langPref":" ","locale":"en","dateFormat":"DME","dateSeperator":"/","simpleDateFormat":"dd/MM/yyyy","decimalFormat":".","addressNumber":0,"alphaName":"CSSPORTAL","appsRelease":"E920","country":" ","username":"CSSPORTAL"},"userAuthorized":false,"version":null,"poStringJSON":null,"altPoStringJSON":null,"aisSessionCookie":"12UklSL6A3BL2RYaOwxuAb0E35FhInJQPDhX13PQgrej7jYI2T40!-976037407!1598341587706","adminAuthorized":false,"passwordAboutToExpire":false}

     

    The client is requesting the formservices:

    POST /xxx/formservice HTTP/1.1

    Content-Type: application/json; charset=utf-8

    Content-Length: 1133

    Host: xxxx:7003

     

    {"token":"044VZAliLSXEo2l4Xcv9DFPNLQKbX7p8E3i/Zt+ksskQ+E=MDE5MDA2MjgwOTQzNzQwNjUwMjI4NzM5OUVTU0FwcDE1OTgzNDA4NzQ3NDM=","formActions": [        {      "command": "SetControlValue",      "value": "ESS",      "controlID": "15"    },        {      "command": "SetControlValue",      "value": "Ggtest",      "controlID": "19"    },     {      "command": "SetControlValue",      "value": "90013234",      "controlID": "29"    },    {      "command": "SetControlValue",      "value": "29/08/2020",      "controlID": "21"    },    {      "command": "SetControlValue",      "value": "120000",      "controlID": "25"    },    {      "command": "SetControlValue",      "value": "55",      "controlID": "35"    },        {      "command": "SetControlValue",      "value": "03",      "controlID": "33"    },    {"command": "DoAction",      "controlID": "11"}   ],   "formName": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37"  }

     

    The Response from the server is 444 cause i am missing the "deviceName":"ESSApp" in the body:

    HTTP/1.1 444 

    Date: Tue, 25 Aug 2020 07:46:27 GMT

    Content-Length: 162

    Content-Type: application/json; charset=UTF-8

    Access-Control-Allow-Methods: GET, POST, OPTIONS

    Access-Control-Allow-Origin: *

     

    {

     "message" : "Invalid Token: Please Request a New Token",

     "exception" : "java.lang.Exception",

     "timeStamp" : "2020-08-25:10.46.27"

    ,"deprecated":true }

     

    What i need is to make the F5 inserting the {"deviceName":"ESSApp"} before the   "formName": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37" in the JSON body.

     

    Many thanks in advance for your help.

     

    Regards,

    Muhannad

    • Simon_Blakely's avatar
      Simon_Blakely
      Icon for Employee rankEmployee
      Aug 30, 2020
      when HTTP_REQUEST {
  log local0. "starting collect"
      HTTP::collect [HTTP::header Content-Length]
      set clen [HTTP::header Content-Length]
}
when HTTP_REQUEST_DATA {
  binary scan [HTTP::payload] c* throwaway
  set incoming [HTTP::payload]
  log local0. "before: $incoming"
  regsub -all {,   "formName} $incoming {,  {"deviceName":"ESSApp"},  } newdata
  log local0. "new data is $newdata"
  HTTP::payload replace 0 $clen $newdata
  log local0. "after: [HTTP::payload]" 
}
      $ curl -kv https://172.16.0.220/xxx/formservice -d '{"token":"044VZAliLSXEo2l4Xcv9DFPNLQKbX7p8E3i/Zt+ksskQ+E=MDE5MDA2MjgwOTQzNzQwNjUwMjI4NzM5OUVTU0FwcDE1OTgzNDA4NzQ3NDM=",",   "formName": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37"  }' -H 'Content-Type: application/json; charset=utf-8'
 
Aug 30 16:07:03 bigip1 info tmm[12235]: Rule /Common/json_modify <HTTP_REQUEST>: starting collect
Aug 30 16:07:03 bigip1 info tmm[12235]: Rule /Common/json_modify <HTTP_REQUEST_DATA>: before: {"token":"044VZAliLSXEo2l4Xcv9DFPNLQKbX7p8E3i/Zt+ksskQ+E=MDE5MDA2MjgwOTQzNzQwNjUwMjI4NzM5OUVTU0FwcDE1OTgzNDA4NzQ3NDM=",",   "formName": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37"  }
Aug 30 16:07:03 bigip1 info tmm[12235]: Rule /Common/json_modify <HTTP_REQUEST_DATA>: new data is {"token":"044VZAliLSXEo2l4Xcv9DFPNLQKbX7p8E3i/Zt+ksskQ+E=MDE5MDA2MjgwOTQzNzQwNjUwMjI4NzM5OUVTU0FwcDE1OTgzNDA4NzQ3NDM=",",  {"deviceName":"ESSApp"},  ": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37"  }
Aug 30 16:07:03 bigip1 info tmm[12235]: Rule /Common/json_modify <HTTP_REQUEST_DATA>: after: {"token":"044VZAliLSXEo2l4Xcv9DFPNLQKbX7p8E3i/Zt+ksskQ+E=MDE5MDA2MjgwOTQzNzQwNjUwMjI4NzM5OUVTU0FwcDE1OTgzNDA4NzQ3NDM=",",  {"deviceName":"ESSApp"},  ": "P59MBLVR_W59MBLVRE",   "returnControlIDs":"39|31|37"  }
      • Muhannad's avatar
        Muhannad
        Icon for Cirrus rankCirrus
        Sep 01, 2020

        Dear Simon,

         

        Thanks for your help.

         

        It is working perfectly except one issue, it is inserting the "deviceName":"ESSApp" in every request thus it is causing issues to other requests, it seems we need to match exactly the "formName": "P59MBLVR_W59MBLVRE" toinsert the {"deviceName":"ESSApp"}

         

        Regards,

        Muhannad