Hello JRahm,  Thanks for your response. 

What I want to do is the second one as you mentioned. 
I have tried 'html content' with this article https://support.f5.com/csp/article/K99872325, it doesn't work. It seems that 'html content profile' is only for modify HTML content sent in responses from the back-end servers. 

What I want is to modify the request . Do you have any suggestion about  that?

By the way， the request is in the format xml SOAP as below:

<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
    <Body>
            <cardsData>
                <card>
                    <expDate>[string]</expDate>
                    <pan>
                        <plainPan>[string?]</plainPan>
                    </pan>
                </card>
                <card>
                    <expDate>[string]</expDate>
                    <pan>
                        <plainPan>[string?]</plainPan>
                    </pan>
                </card>
               can exist serveral cards
    </Body>
</Envelope>

Thank you in advance.

Yeah, I found that out myself on the HTML profile, couldn't get it to work on request traffic. What's your virtual server setup look like regarding profiles? Might need to do some payload manipulation in iRules.

Try this stream profile on your virtual server:

ltm profile stream pantest_stream {
    app-service none
    chunking enabled
    defaults-from stream
    target @<pan>(.*\?)<\\/pan>@@
}

My test request on the clientside of BIG-IP:

And on the server-side:

Ignore the card(n) and string(n)...I added those while troubleshooting my failed attempts! 🙂

Hello, JRahm Thanks again for your reponse, you are so warm hearted.

I didn't find the way your created stream.

ltm profile stream pantest_stream {
    app-service none
    chunking enabled
    defaults-from stream
    target @<pan>(.*\?)<\\/pan>@@
}

I've tried my side with graphic configuration stream as below:

source I put '<pan>(.*\?)<\\/pan>', and nothing for target. chunk deactivated.

and then activate this stream profile dans virtuel server like this:

After that I checked the data receieved on the server side, it doesn't change anything. There is still 'pan'. Do I miss anything?

PS: 'plainPanRemoved' is done by our app to remove sensitive data.

I also tried with iRules,  the back-end throws directly 'Error reading XMLStreamReader'.

when HTTP_REQUEST {
	# Verify Content-length, POST, URI
    if { [HTTP::header exists Content-length] and [HTTP::method] equals "POST" and [string tolower [HTTP::uri]] contains "/endPointName"}{
	
		# Verify if the request is CreateWalletReq 
		if { [HTTP::payload] contains "<CreateWalletReq"} {        
		
	   # Remove PAN
            STREAM::expression {@<pan>(.*\?)<\\/pan>@@}
	    STREAM::enable

		}
	}
}


when HTTP_RESPONSE {
    STREAM::disable
}

Thanks again.

If entering the string in the GUI, you shouldn't need the additional backslash, it should just be:

@<pan>(.*\?)<\/pan>@@

 If you are NOT needing the plainPan tags (and enclosed content) removed, then this is not what you want. You will likely just want:

@<pan>@@ @<\/pan>@@