Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

iRule to block URI with parameters irrespective of URI query letter case

Sabir_Alvi
Altocumulus
Altocumulus

‎18-Jan-2020 12:05

We have a need to block access to a URI path along with certain parameters in the URL. The iRule we have works fine, however if we change the case of the input URI query parameter, the iRule is ignored and the URL becomes accessible. Can someone help me fix the iRule please?

 

If we change "type" to "TYPE" or "Type", iRule is bypassed, which is not good.

 

when HTTP_REQUEST {  if { ([string tolower [HTTP::uri]] contains "/bla/bla.asp")   and ([string tolower [URI::query [HTTP::uri] type]] equals "bla") }    { HTTP::respond 403 }    }
Labels:
0 Kudos
3 REPLIES 3

PeteWhite
F5 Employee
F5 Employee

‎18-Jan-2020 12:52

when HTTP_REQUEST { set uri [string tolower [HTTP::uri]] if { ( $uri contains "/bla/bla.asp") and ([URI::query $uri type]] equals "bla") } { HTTP::respond 403 } }

Try this - change the whole URI to lower case and then retrieve the type - your failed because you were changing the response to lower case, not the URI. Yours would also work if you did:

if { ([string tolower [HTTP::uri]] contains "/bla/bla.asp") and ( [URI::query [string tolower [HTTP::uri]] type] equals "bla") }

That will use less memory ie it is not creating a variable but looks a bit more confusing so you take your pick.

Sabir_Alvi
Altocumulus
Altocumulus
In response to PeteWhite

‎05-Feb-2020 14:34

I forgot to come back and thank you for this! First one worked like a charm!

0 Kudos

PeteWhite
F5 Employee
F5 Employee
In response to Sabir_Alvi

‎06-Feb-2020 00:10

Great, thanks
0 Kudos
Copyright © 2022 Khoros, LLC