03-Jan-2021 20:43
Hello All,
Wish you all a very happy new year. I'm working on an iRule with Datagroup to allow HTTP Referer with only specific values. Below is the irule I have tried and for some reason I'm always getting 400 error.
Could you please suggest what needs to be done to match the HTTP Referer value with a Data_Group ?
=========================================================================
when HTTP_REQUEST {
set referer_host [URI::host [HTTP::header value Referer]]
if { [HTTP::header exists "Referer"] }
{
if {[matchclass $referer_host contains HTTP_REFERER_ALLOWED_LIST]}
{
}
else {
HTTP::respond 400 content "Bad Request" Content-Type "text/html"
}
}
}
========================================================================
==========Data Group==============
ltm data-group internal HTTP_REFERER_ALLOWED_LIST {
partition Staging_CC
records {
ABC {
data .abc.com
}
XYZ {
data .xyz.com
}
}
type string
}
===========================================================================
Thank a lot in advance.
Regards,
Thiyagu
04-Jan-2021 03:23 - edited 21-Mar-2022 02:15
Hi ,
I see 3 things here,
So when the Irule executes, as per your logic, it will collect the referer, lets say referer_host is set with abc.com. Then this is checked against your datagroup, but all your records are in upper case (ABC, XYZ). So nothing will match even with contains. Its a good practice to always perform string to lower, but all host values are often on lower string, so you have to change your datagroup to lowercase.
Hope this helps. Keep us posted.