uri masking
1 TopicURI Masking
Problem this snippet solves: The code snippet was utilized to mask the URI so that the client is unaware of the actual URI that was processed by the server. This can provide security but the main use case was to mask the older application version from the outside world. How to use this snippet: Whenever a client makes a request to: https://devtest.domain.com/wdev/wweb.ll?wsession it will be altered like this: https://devtest.domain.com/wdev/wweb.ll?FoldSession before it is load balanced to the pool: POOL-DEV2 The response from the pool member will be checked and the URI will be replaced like this: /wdev/wweb.ll?FoldSession replaced with /wdev/wweb.ll?wsession The replacement is done so the client doesn't know the actual URI that is being processed by the server. The same principle can be applied to replace the domain name/host header value. Code : when HTTP_REQUEST { set HOST [string tolower [HTTP::host]] set URI [string tolower [HTTP::uri]] if { $HOST contains "devtest.domain.com" } { #Disable SSL SSL::disable serverside } if { $URI contains "/wdev/wweb.ll?wsession" } { HTTP::uri [string map {/wdev/wweb.ll?wsession /wdev/wweb.ll?FoldSession} [HTTP::uri]] pool POOL-DEV2 } } when HTTP_RESPONSE { if { [HTTP::header values Location] contains "/wdev/wweb.ll?FoldSession" } { HTTP::header replace Location [string map {/wdev/wweb.ll?FoldSession /wdev/wweb.ll?wsession} [HTTP::header value Location]] } } Tested this on version: 11.0577Views1like0Comments