Forum Discussion
Sabir_Alvi
Altocumulus
AltocumulusiRule to block URI with parameters irrespective of URI query letter case
We have a need to block access to a URI path along with certain parameters in the URL. The iRule we have works fine, however if we change the case of the input URI query parameter, the iRule is ignored and the URL becomes accessible. Can someone help me fix the iRule please?
If we change "type" to "TYPE" or "Type", iRule is bypassed, which is not good.
when HTTP_REQUEST {
if { ([string tolower [HTTP::uri]] contains "/bla/bla.asp")
and ([string tolower [URI::query [HTTP::uri] type]] equals "bla") }
{ HTTP::respond 403 }
}
PeteWhiteEmployee
when HTTP_REQUEST { set uri [string tolower [HTTP::uri]] if { ( $uri contains "/bla/bla.asp") and ([URI::query $uri type]] equals "bla") } { HTTP::respond 403 } }Try this - change the whole URI to lower case and then retrieve the type - your failed because you were changing the response to lower case, not the URI. Yours would also work if you did:
if { ([string tolower [HTTP::uri]] contains "/bla/bla.asp") and ( [URI::query [string tolower [HTTP::uri]] type] equals "bla") }That will use less memory ie it is not creating a variable but looks a bit more confusing so you take your pick.
Sabir_AlviI forgot to come back and thank you for this! First one worked like a charm!
- PeteWhiteGreat, thanks