Forum Discussion
I am trying to solve the same problem as the OP that Mayur pointed me to (which I just noticed even has the same exact problem string).
https://devcentral.f5.com/s/question/0D51T00006i7hpJSAQ/irule-to-block-requests-with-specific-word
I am wondering about the consequence of not limiting the Content-Length of the HTTP POST. When I use the limit, some users are unable to POST images. I could make the Content-Length limit larger, but what if I do not impose a limit at all? Is it vulnerable to DoS? For instance, I imagine TMM must store and parse the HTTP payload of every HTTP POST for a string. It seems possible to get many relatively large payloads in a short time. I don't know what the processor or memory constraints are (relative to a given iRule on a given virtual server). Is it dynamically allocated from a global resource pool to individual instances as needed, or does each individual virtual server or each iRule's TMM thread have predefined resource allocation (I/O and mem).