Forum Discussion

ngkin2010's avatar
ngkin2010
Icon for Nimbostratus rankNimbostratus
Apr 14, 2020

Effect of Rewriting HTTP Response

Hi mates,

 

I have write a simple F5 iRule to rewrite the HTTP response on LTM.

 

The code is simple:

when HTTP_RESPONSE {
    if [HTTP::header "Content-Length"] > 50000000 {
        HTTP::header replace "Content-Type" "text/html"
        HTTP::header remove "Content-Disposition"
        HTTP::payload replace 0 [HTTP::payload length] ""
        HTTP::respond 503 content "Access Denied"
    }
}

 

It does work when testing. But I am not quite sure about the mechanism behind to evaluate the impact.

 

Obviously the above code is mean to check if response payload size is larger than 50MB, and rewrite the HTTP content.

 

But what will happen when user is trying to download file larger than 50MB?

 

  1. User sending HTTP GET REQUEST to F5
  2. F5 pass it to Server
  3. Server received the HTTP REQUEST
  4. Server send the HTTP RESPONSE with Content-Length larger than 50000000 to F5
  5. F5 received the HTTP RESPONSE, and according to iRule it rewrites the content to "text/html" and send it to User
  6. User receive and display the HTTP text/html page
  7. User replying TCP ACK to F5
  8. F5 received TCP ACK
  9. (What will happen next?)

 

Will F5 sending TCP ACK / TCP RST to server and why?

 

In the view of server side, it has no idea that F5 rewrote the HTTP RESPONSE, and potential impact at server side? (e.g. the HTTP session is on-hold until timeout)

 

Thanks.

2 Replies

  • First up, you don't need to do anything with the HTTP response if you are doing an HTTP::respond

     

    The HTTP::respond 503 is complete in and of itself, and discards the collected HTTP response

     

    The client-side connection just stays open for the next HTTP request from the client.

    If you want to close the connection, use HTTP::close

     

    • ngkin2010's avatar
      ngkin2010
      Icon for Nimbostratus rankNimbostratus

      Hi Simon,

       

      Thanks for you explanation and advise.

       

      However, if the response will be discarded, and server-side connection stay open. Will the client-side connection also stay open? Will it cause TCP re-transmission if the HTTP response be discarded?

       

      And I not quite familiar with HTTP::collect, and not sure I need it to determine the correct Content-Length. As I am expecting the first Content-Length in the first HTTP response is referring to the whole static content size even the content is spitted into multiple packets?

       

      Again, thanks a lot Simon :)