For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Cooler_184565's avatar
Cooler_184565
Icon for Nimbostratus rankNimbostratus
Jan 29, 2015

Some doubts about iRule to control header

Hi there, I was wondering if you guys could help me with some doubts I'm having with the creation of some iRules to protect some vulnerabilities In this particular case I need to remove Cacheable SSL...
application delivery
ASM Advanced WAF
devops
iRules
security
Michael_Jenkins's avatar
Michael_Jenkins
Icon for Cirrostratus rankCirrostratus
Jan 29, 2015

I think you could optimize your code with one of these:

 

 If you always want to have these 3 headers
HTTP::header replace "Cache-Control " "no-cache, no-store, must-revalidate"
HTTP::header replace "Pragma" "no-cache"
HTTP::header replace "Expires" "0"

 If you only want to replace ones that exist
if { [HTTP::header exists "Cache-Control"]} { HTTP::header replace"Cache-Control " "no-cache, no-store, must-revalidate" }
if { [HTTP::header exists "Pragma"]} { HTTP::header replace"Pragma" "no-cache"}
if { [HTTP::header exists "Expires"]} { HTTP::header replace"Expires" "0" }