Forum Discussion

BharatSharda's avatar
BharatSharda
Icon for Altostratus rankAltostratus
Apr 08, 2021
Solved

Insert text to HTTP header via iRule event during APM execution

Hi Community Members,

We are trying to insert some text to HTTP header through an iRule which will check for ACCESS_POLICY_AGENT_EVENT generated by via iRule event during an APM checking.

Event "event_1" is getting generated via APM. There is below iRule that is doing the header injection if "event_1" is generated.

when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] eq "event_1" } {
        HTTP::header insert "my_text" value
    }
}

But in our checking it was found that the header injection during APM execution by an iRule is not working.

Below F5 article also mentions the similar thing:

https://support.f5.com/csp/article/K22055705

Is there a way out by which we can still insert the desired text, value combination to HTTP header?

Any leads would be helpful. Thanks!

Cheers,

Bharat

APM
application delivery
iRules
  • SanjayP's avatar
    SanjayP
    Apr 14, 2021

    HTTP_REQUEST_SEND is also one of the event can be used to send the APM variable.

    https://support.f5.com/csp/article/K74392192

    so worth trying below. modify as needed.

    when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] eq "event_1" } {
        ACCESS::session data set session.custom.header "value"
        set header [ACCESS::session data get "session.custom.header"]
    }
 }
 
 when HTTP_REQUEST_SEND  {    
    clientside {
    if {[info exists header]}{ 
	HTTP::header insert "headername" $header
    } else {
	 return
	}
   }	
 }

10 Replies

Sort By
  • SanjayP's avatar
    SanjayP
    Icon for Nacreous rankNacreous
    Apr 14, 2021

    HTTP_REQUEST_SEND is also one of the event can be used to send the APM variable.

    https://support.f5.com/csp/article/K74392192

    so worth trying below. modify as needed.

    when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] eq "event_1" } {
        ACCESS::session data set session.custom.header "value"
        set header [ACCESS::session data get "session.custom.header"]
    }
 }
 
 when HTTP_REQUEST_SEND  {    
    clientside {
    if {[info exists header]}{ 
	HTTP::header insert "headername" $header
    } else {
	 return
	}
   }	
 }
    • BharatSharda's avatar
      BharatSharda
      Icon for Altostratus rankAltostratus
      Apr 16, 2021
      when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] eq "event_1" } {
        ACCESS::session data set session.custom.header "1"
    } else {
        ACCESS::session data set session.custom.header "0"
 }
 
 when HTTP_REQUEST_SEND  {    
    clientside {
    set header [ACCESS::session data get "session.custom.header"]
    if { $header }{ 
	HTTP::header insert "headername" $header
    } else {
	 return
	}
   }	
 }

      Hi Sanjay,

      This worked for my case with a little tweak, had to set the $header again in HTTP_REQUEST_SEND to proceed with the HTTP header insertion. Also the log local0. helped a lot. Thank you for your inputs in here. Cheers.

      I traced the HTTP headers by printing then in ltm logs referring to https://support.f5.com/csp/article/K42210592

      when HTTP_REQUEST {
   foreach aHeader [HTTP::header names] {
   log local0. "HTTP Request Headers: $aHeader: [HTTP::header value $aHeader]"
   }
}
  • Nikoolayy1's avatar
    Nikoolayy1
    Icon for MVP rankMVP
    Apr 08, 2021

    You want to insert the header in the request or response ?

     

    Try with "ACCESS_POLICY_COMPLETED" or "HTTP_REQUEST" or "ACCESS_ACL_ALLOWED" or even "HTTP_REQUEST" to do this.

     

    You may also see:

     

     

    https://devcentral.f5.com/s/question/0D71T000006gzth/detail?s1oid=00D00000000hXqv&s1nid=0DB1T0000008Ony&emkind=chatterCommentNotification&s1uid=0051T000008eyBa&emtm=1617222886798&fromEmail=1&s1ext=0

     

    • BharatSharda's avatar
      BharatSharda
      Icon for Altostratus rankAltostratus
      Apr 09, 2021

      Hi Nikoolayy1,

       

      Thank you for your suggestion.

      Our expectation is to insert the header when the flow goes through just a certain APM check (branch path) and a certain condition is met, that is because we tried to use ACCESS_POLICY_AGENT_EVENT. Header should not be added by any other APM branch.

       

      If we use "ACCESS_POLICY_COMPLETED" or "HTTP_REQUEST" or "ACCESS_ACL_ALLOWED" or even "HTTP_REQUEST", header will be added for all the checks, not just by a specific APM.

      • SanjayP's avatar
        SanjayP
        Icon for Nacreous rankNacreous
        Apr 09, 2021

        May be worth to try something like below. Let us know how the testing goes

        when ACCESS_POLICY_AGENT_EVENT {
    if { [ACCESS::policy agent_id] eq "event_1" } {
        ACCESS::session data set session.custom.header "value"
        set header [ACCESS::session data get "session.custom.header"]
    }
 }
 when ACCESS_POLICY_COMPLETED {
    if {[info exists header]}{
	HTTP::header replace "headername" $header
	} else {
	 return
	}
 }

  • SanjayP's avatar
    SanjayP
    Icon for Nacreous rankNacreous
    Apr 16, 2021

    Glad it worked and thank you for the feedback with an updated iRule