cancel
Showing results for 
Search instead for 
Did you mean: 

IRULE help for HTTP Referer value

Thiyagu
Altocumulus
Altocumulus

Hello All,

I'm working on a iRule to get the HTTP referer value and to send a response to the client if the referer value is changed. iRule is working however if we use the http referer value as "http://x.abc.comm" then iRule is not responding back with 400 error message.

 

As per my expectation if the HTTP referer value is .abc.comm" then also load balancer should respond with 400 error message.

 

-------------------------------------------------

when HTTP_REQUEST {

       set referer_host [URI::host [HTTP::header value Referer]]

       if { [HTTP::header exists "Referer"] }

       {

       if {$referer_host contains ".abc.com"}{

        log "Request allowed with Referer: [HTTP::header value Referer]"  

       }

       else {

           HTTP::respond 400 content "Bad Request" Content-Type "text/html"

          }

      }

            }

--------------------------------------------------

 

Regards,

Thiyagu

1 ACCEPTED SOLUTION

AlexBCT
MVP
MVP

Hi Thiyagu,

 

I believe the problem lies with the "contains" part of the if statement in which you check for the domain name. Technically, ".abc.comm" contains ".abc.com" and as such will be allowed through.

 

You can try to work with "ends_with" instead of "contains", which should block this one as well.

 

Hope this helps.

 

 

View solution in original post

1 REPLY 1

AlexBCT
MVP
MVP

Hi Thiyagu,

 

I believe the problem lies with the "contains" part of the if statement in which you check for the domain name. Technically, ".abc.comm" contains ".abc.com" and as such will be allowed through.

 

You can try to work with "ends_with" instead of "contains", which should block this one as well.

 

Hope this helps.