Mitigate Apache Struts 2 vulnerability, CVE-2017-5638
Problem this snippet solves: F5 has updated the official KB article K43451236 on AskF5 to include an enhanced version of the iRule below that will protect your vulnerable web servers behind the BIG-...
Published Mar 07, 2017
Version 1.0
John_Alam_45640
Historic F5 Account
Joined June 12, 2006
Malcolm_Heath_5
Mar 09, 2017
Historic F5 Account
Todd's comment is correct. Here is a revised version of the iRule that I believe will address this:
when HTTP_REQUEST {
    if { [HTTP::method] equals "POST" || [HTTP::method] equals "GET" } {
        # Compare the lower-cased Content-Type header against the allowlist
        switch -glob -- [string tolower [HTTP::header value "Content-Type"]] {
            "" -
            "multipart/form-data; boundary=*" -
            "multipart/form-data" -
            "text/xml" -
            "text/xml; charset=utf-8" -
            "application/x-www-form-urlencoded" {
                # Allow request with empty or whitelisted "Content-Type" headers
            }
            default {
                # Reject request with unknown "Content-Type" headers
                reject
            }
        }
    }
}
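
An added example, not part of the original post or of F5's KB article: the same `switch -glob` allowlist wrapped in a plain Tcl proc, so it can be run in `tclsh` against the Content-Type values your applications actually send before the iRule goes live. The proc name `content_type_allowed` and the sample values are constructed for illustration; the point to watch is that variants differing only in spacing or parameters fall through to `default`.

```tcl
# Offline check of the Content-Type allowlist in plain Tcl (tclsh).
# content_type_allowed is a hypothetical helper name; the patterns are
# copied unchanged from the iRule above.
proc content_type_allowed {value} {
    switch -glob -- [string tolower $value] {
        "" -
        "multipart/form-data; boundary=*" -
        "multipart/form-data" -
        "text/xml" -
        "text/xml; charset=utf-8" -
        "application/x-www-form-urlencoded" {
            # Matches an allowlist entry: the iRule lets the request through
            return 1
        }
        default {
            # No entry matched: the iRule would call "reject"
            return 0
        }
    }
}

# Constructed sample header values (not taken from real traffic).
set samples {
    ""
    "multipart/form-data; boundary=----constructed123"
    "Text/XML; charset=UTF-8"
    "text/xml;charset=utf-8"
    "application/x-www-form-urlencoded; charset=UTF-8"
    "application/json"
    "constructed-value-that-is-not-a-media-type"
}

# Print one verdict per sample so legitimate values that would be
# rejected are visible before deployment.
foreach value $samples {
    set verdict [expr {[content_type_allowed $value] ? "allow" : "reject"}]
    puts [format "%-7s \"%s\"" $verdict $value]
}
```

Replace the sample list with the distinct Content-Type values from your own access logs; any legitimate value reported as `reject` needs its own allowlist entry.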