Changing HTTP Reponse status code

Question

Hi,&nbsp;
I've been asked to change the reponse HTTP Status code for custom 404 pages to "404" instead of 200.&nbsp;
It looks like this is possible by checking if the request is for /404.jsp, capturing the payload with HTTP::Payload and the using HTTP::Response to generate a new response with the captured payload.&nbsp;
 &nbsp;
Is there an easier way?&nbsp;
I'm concerned about capturing all the payload response on the F5. There could be thousands of 404 and I'm afraid of running the device out of memeory. Is that a valid concern?&nbsp;
 &nbsp;
Thanks!&nbsp;
Ben&nbsp;

kevin_stewart · Answer

Can you clarify? Usually a 404 is generated by the server in response to a request for something that doesn't exist. The user wouldn't ask for a "404.jsp" page. That's just what the server would send if it couldn't honor the actual request. And which payload to you have to capture (request or response)?

nitass · Answer

can we just check HTTP::status in response and send out 200? 
  
 e.g. 
 [root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.252:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when HTTP_RESPONSE {
  if { [HTTP::status] == 404 } {
    HTTP::respond 200
  }
}
}

test

[root@ve10:Active] config  ssldump -Aed -nni 0.0 port 80
New TCP connection 1: 172.18.204.228(49530) &lt;-&gt; 172.28.19.252(80)
1373588986.4110 (0.0048)  C&gt;S
---------------------------------------------------------------
GET /not_real_uri HTTP/1.1
Host: 172.28.19.252
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

---------------------------------------------------------------

New TCP connection 2: 200.200.200.10(49530) &lt;-&gt; 200.200.200.101(80)
1373588986.4121 (0.0010)  C&gt;S
---------------------------------------------------------------
GET /not_real_uri HTTP/1.1
Host: 172.28.19.252
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

---------------------------------------------------------------

1373588986.4132 (0.0010)  S&gt;C
---------------------------------------------------------------
HTTP/1.1 404 Not Found
Date: Fri, 12 Jul 2013 00:40:19 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 288
Connection: close
Content-Type: text/html; charset=iso-8859-1

...snipped...
---------------------------------------------------------------

1373588986.4133 (0.0022)  S&gt;C
---------------------------------------------------------------
HTTP/1.0 200 OK
Server: BigIP
Connection: close
Content-Length: 0

---------------------------------------------------------------

ben_wilson_2412 · Answer

Sure, right now what's in place is:&nbsp;
 &nbsp;
when HTTP_RESPONSE {&nbsp;
  if { [HTTP::status] == "404" or [HTTP::status] == "501" }{&nbsp;
    HTTP::redirect "/error/404.jsp"&nbsp;
}&nbsp;
}&nbsp;
 &nbsp;
So what's happening is the 404 response is getting intercepted and replaced with a 302 with the error page URL.&nbsp;
Since the error page exists, when the 302 is followed, you'll get a 200 from that request.&nbsp;
 &nbsp;
From the client's perspective, they asked for a resource that didn't exist, received a redirect and then a valid response. The valid response is an error page which is obvious to a user, but to an automated system, it appears as though the request was valid.&nbsp;
 &nbsp;
Does that make more sense?&nbsp;
 &nbsp;
Thanks,&nbsp;
Ben&nbsp;

nitass · Answer

when HTTP_RESPONSE { 
&nbsp;   if { [HTTP::status] == "404" or [HTTP::status] == "501" }{ 
&nbsp;     HTTP::redirect "/error/404.jsp" 
&nbsp; } 
&nbsp; }so, does this work? 
&nbsp;  
&nbsp; by the way, have you ever tried HTTP::retry instead of HTTP::redirect? so, client does not need to send another request (i.e. /error/404.jsp). 
&nbsp;  
&nbsp; HTTP::retry 
&nbsp; https://devcentral.f5.com/wiki/irules.http__retry.ashx

ben_wilson_2412 · Answer

Posted By nitass on 07/11/2013 11:02 PM&nbsp;
when HTTP_RESPONSE {&nbsp;
if { [HTTP::status] == "404" or [HTTP::status] == "501" }{&nbsp;
HTTP::redirect "/error/404.jsp"&nbsp;
}&nbsp;
}
so, does this work?&nbsp;
&nbsp;
by the way, have you ever tried HTTP::retry instead of HTTP::redirect? so, client does not need to send another request (i.e. /error/404.jsp).&nbsp;
&nbsp;
HTTP::retry&nbsp;
https://devcentral.f5.com/wiki/irules.http__retry.ashx
&nbsp;
It works in that the client is sent a 302 to the error page.&nbsp;
The condition I'm looking to modify is the subsequent request the client will make for the /error/404.jsp page.&nbsp;
We want the HTTP Status for this request to be 404.&nbsp;
 &nbsp;
Thanks!&nbsp;

Forum Discussion

Changing HTTP Reponse status code

8 Replies

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

When sync status change show in log

Check a Virtual Server's SSL Status

Nodes status show blue status

Revocation Status in HTTP Request Header

Change admin account