Forum Discussion

Yozzer's avatar
Yozzer
Icon for Nimbostratus rankNimbostratus
Jun 27, 2012

Spaces in the machine

Hi

 

 

I have the following command that searches for "id" in the url and then performs an action if the id value is contained in the data group list:

 

 

if {[matchclass [string tolower [URI::query [HTTP::uri] id]] contains $::Portlet_ref]} {

 

 

 

However if i add a space (%20) before, in the middle or after the id value (%20id, i%20d and id%20) then it can be bypassed. This also happens if i add a space in the value (%20hello, He%20llo and hello%20)

 

 

How can i trim spaces from both the id parameter name and its value so that it wont be bypassed?

 

 

Thanks

 

 

application delivery
dev
devops
iRules
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jun 27, 2012
    is this applicable?

    by the way, do you know starting from 9.4.4 $:: prefix is no longer required to reference class object and it is cmp compatible?

    CMP Compatibility

    https://devcentral.f5.com/wiki/iRules.cmpcompatibility.ashx 

    [root@ve1024:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1024:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   log local0. "[HTTP::uri]"
   log local0. "[string map {%20 ""} [HTTP::uri]]"
   log local0. "[string tolower [URI::query [string map {%20 ""} [HTTP::uri]] id]]"
   if {[matchclass [string tolower [URI::query [string map {%20 ""} [HTTP::uri]] id]] contains $::Portlet_ref]} {
      log local0. "gotcha"
   } else {
      log local0. "not match"
   }
}
}
[root@ve1024:Active] config  b class Portlet_ref list
class Portlet_ref {
   "hello"
}

/var/log/ltm
Jun 26 22:58:29 local/tmm info tmm[4861]: Rule myrule : /test?id=%20he%20llo%20&temp=1234
Jun 26 22:58:29 local/tmm info tmm[4861]: Rule myrule : /test?id=hello&temp=1234
Jun 26 22:58:29 local/tmm info tmm[4861]: Rule myrule : hello
Jun 26 22:58:29 local/tmm info tmm[4861]: Rule myrule : gotcha
  • Yozzer's avatar
    Yozzer
    Icon for Nimbostratus rankNimbostratus
    Jun 27, 2012
    Thanks

     

     

    What needs to be done to also prevent spaces in the I'd name? (I%20d)
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Jun 27, 2012
    What needs to be done to also prevent spaces in the I'd name? (I%20d)it already does since we use string map against HTTP::uri, all space (%20) will be removed.