Forum Discussion

Thiyagu's avatar
Thiyagu
Icon for Cirrus rankCirrus
May 11, 2021

IRULE help for HTTP Referer value

Hello All,

I'm working on a iRule to get the HTTP referer value and to send a response to the client if the referer value is changed. iRule is working however if we use the http referer value as "http://x.abc.comm" then iRule is not responding back with 400 error message.

 

As per my expectation if the HTTP referer value is .abc.comm" then also load balancer should respond with 400 error message.

 

-------------------------------------------------

when HTTP_REQUEST {

       set referer_host [URI::host [HTTP::header value Referer]]

       if { [HTTP::header exists "Referer"] }

       {

       if {$referer_host contains ".abc.com"}{

        log "Request allowed with Referer: [HTTP::header value Referer]"  

       }

       else {

           HTTP::respond 400 content "Bad Request" Content-Type "text/html"

          }

      }

            }

--------------------------------------------------

 

Regards,

Thiyagu

  • Hi Thiyagu,

     

    I believe the problem lies with the "contains" part of the if statement in which you check for the domain name. Technically, ".abc.comm" contains ".abc.com" and as such will be allowed through.

     

    You can try to work with "ends_with" instead of "contains", which should block this one as well.

     

    Hope this helps.

     

     

1 Reply

  • Hi Thiyagu,

     

    I believe the problem lies with the "contains" part of the if statement in which you check for the domain name. Technically, ".abc.comm" contains ".abc.com" and as such will be allowed through.

     

    You can try to work with "ends_with" instead of "contains", which should block this one as well.

     

    Hope this helps.