Forum Discussion

jwright47_23019's avatar
jwright47_23019
Icon for Nimbostratus rankNimbostratus
Oct 21, 2015

Possible to read TIFF header and reject if format is incorrect?

Our clients upload TIFF images to our server. However, our app requires TIFF images of a particular resolution and compression.

 

This information is embedded in the TIFF header.

 

Is it possible for an iRule, or anything else on the F5, to read the TIFF header, and to reject the TIFF file if it is not what we require?

 

Also, if we reject, is there a way to inform the app on the server side that this file has been rejected?

 

Thank you kindly, in advance.

 

4 Replies

  • Lucas_Thompson_'s avatar
    Lucas_Thompson_
    Historic F5 Account

    Certainly. iRules are a complete language, so essentially anything can be done.

     

    Notifying the server might be problematic though.

     

    Probably you'd be looking at something similar to:

     

    1. Get HTTP request (HTTP_REQUEST).
    2. Decide if it's the POST you're looking for (HTTP::method == 'POST', HTTP::header probably Content-Disposition filename matches whatever.tiff).
    3. If so, begin collecting the data (HTTP::collect xxx).
    4. Examine the body file header bytes for your required information (HTTP_REQUEST_DATA).
    5. If the information is correct, release the connection to the server (HTTP_RELEASE), upload proceeds as normal.
    6. If the information is not correct, (HTTP::respond) with some kind of user-facing error page

    Here, the server would get no notification of the invalid upload but you could log it for future auditing.

     

  • I have learned that the TIFF is embedded in xml, base64 encoded. Is it still possible to do this?

     

    I know that the F5 can do xml validation. Could I do this as part of that function?

     

    • Lucas_Thompson_'s avatar
      Lucas_Thompson_
      Historic F5 Account
      Sure. It becomes more complicated, but it's possible. Recently an XML parser was added in irules that you could use, but probably for your use case it would be easier to just use pattern matching on the decoded base64 data. You're not looking to validate the entire document, just a sanity check against certain parameters.