Forum Discussion

Nimbostratus

Aug 16, 2021

Solved

iRules for 403 forbidden error

Is it possible to create an iRule to remove a specific post request header information to avoid the 403 forbidden error that is generated from an Oracle Apex application? For example the Origin ...

application delivery

ASM Advanced WAF

LTM

Enes_Afsin_Al
Aug 17, 2021
Hi RichardDumag,
You can customize http profile for erase a request header.
Local Traffic ›› Profiles : Services : HTTP ›› http-profile ›› Request Header Erase
Request Header Erase: Indicates the name of an HTTP request header that the BIG-IP system removes from the client request. Only one header can be removed per pool, unless you are using LTM Policies or iRules.
iRule:
when HTTP_REQUEST { HTTP::header remove "Origin" }
uri based:
when HTTP_REQUEST { if { [string tolower [HTTP::uri]] equals "/apex_extprd/wwv_flow.ajax" } { HTTP::header remove "Origin" } }

Enes_Afsin_Al

MVP

Aug 17, 2021

Hi RichardDumag,

You can customize http profile for erase a request header.

Local Traffic ›› Profiles : Services : HTTP ›› http-profile ›› Request Header Erase

Request Header Erase: Indicates the name of an HTTP request header that the BIG-IP system removes from the client request. Only one header can be removed per pool, unless you are using LTM Policies or iRules.

iRule:

when HTTP_REQUEST {
	HTTP::header remove "Origin"
}

uri based:

when HTTP_REQUEST {
	if { [string tolower [HTTP::uri]] equals "/apex_extprd/wwv_flow.ajax" } {
		HTTP::header remove "Origin"
	}
}

Forum Discussion

iRules for 403 forbidden error

Recent Discussions

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Related Content

How to change ACL forbidden page?

Error: read ECONNRESET error while using Postman for API calls after change to irule

iRULE regsub error

Insufficient permissions BIG-IQ login error

iRules Style Guide