cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

iRule to block URI with parameters irrespective of URI query letter case

Sabir_Alvi
Altocumulus
Altocumulus

We have a need to block access to a URI path along with certain parameters in the URL. The iRule we have works fine, however if we change the case of the input URI query parameter, the iRule is ignored and the URL becomes accessible. Can someone help me fix the iRule please?

 

If we change "type" to "TYPE" or "Type", iRule is bypassed, which is not good.

 

when HTTP_REQUEST {  if { ([string tolower [HTTP::uri]] contains "/bla/bla.asp")   and ([string tolower [URI::query [HTTP::uri] type]] equals "bla") }    { HTTP::respond 403 }    }
3 REPLIES 3

PeteWhite
F5 Employee
F5 Employee
when HTTP_REQUEST { set uri [string tolower [HTTP::uri]] if { ( $uri contains "/bla/bla.asp") and ([URI::query $uri type]] equals "bla") } { HTTP::respond 403 } }

Try this - change the whole URI to lower case and then retrieve the type - your failed because you were changing the response to lower case, not the URI. Yours would also work if you did:

if { ([string tolower [HTTP::uri]] contains "/bla/bla.asp") and ( [URI::query [string tolower [HTTP::uri]] type] equals "bla") }

That will use less memory ie it is not creating a variable but looks a bit more confusing so you take your pick.

I forgot to come back and thank you for this! First one worked like a charm!

Great, thanks