Forum Discussion

BaaDf00d_300951's avatar
BaaDf00d_300951
Icon for Nimbostratus rankNimbostratus
Apr 03, 2018
Solved

ASM redirect on api call, does not generate a redirect for a user

Hi,   Looking to solve a problem with a ASM Policy. Where by i force it to redirect the user to a custom page explaining what has happened to their request. But when it blocks a background call ...
  • BaaDf00d_300951's avatar
    Apr 11, 2018

    So I have sorted out a solution to this albeit not very graceful. I could not get a popup of any type to display. What i did, in the custom response, Dropped a cookie, on the client machine, than on the next request read the cookie with an IRUle and deleted it, forcing a redirect to the block page at that point in time, and passing the support ID through the cookie i had created.

    Not very graceful, as it doesnt redirect to the support page instantly, but it shows the support page afterwards. Bit of a hack, issue is that each request redirected by the Location: 302 redirect that works successfully does not delete the cookie, so the support page needs to also delete the cookie to stop repeated redirects.

    irule:

    when HTTP_REQUEST {
      set block_is_set [HTTP::cookie exists "Block-Cookie"]
      if {$block_is_set == 1} {
        set support_id [HTTP::cookie value "Block-Cookie"]
        HTTP::cookie remove "Block-Cookie"
        HTTP::respond 302 noserver Location "https://supportpageDomain/URLPath?support_id=$support_id" Connection close Set-Cookie "Block-Cookie=;expires=Thu, 01 Jan 1970 00:00:00 GMT"
      }
    }
    

    Custom Response Header:

    HTTP/1.1 302 OK
    Cache-Control: no-cache
    Pragma: no-cache
    Location: https://supportpageDomain/URLPath?support_id=<%TS.request.ID()%>
    set-cookie: Block-Cookie=<%TS.request.ID()%>; Path=/; HttpOnly; Secure