iRule to detect browser and display warning message

Question

Hey Guys,
I'm trying to write an iRule to display a warning message when a user is trying to access our internal SharePoint intranet with a non-supported browser (such as Firefox - which is popular amongst our devs).
I want this message to be displayed once per day and if the user clicks on "Continue" I'd like the F5 to redirect him to whatever address he was trying to access.
My problem is that I do not know the syntax for the irule.
I suppose it will be something +/- like this
when HTTP_REQUEST {
    if { not ( [HTTP::cookie exists BANNERMESSAGE] ) AND [HTTP::header "User-Agent"] contains "mozilla"]} {
        set expires [clock format [clock seconds] -format "%A, %d-%b-%Y 20:00:00"]
        HTTP::respond 200 content "

Unsuppored browser

Dear Users,
            You are using a non supported browser to access SharePoint.
            If you use this browser not all SharePoint funtionalities will be available to you.
            Please also note that the Helpdesk will only accept cases if using Internet Explorer.
            
              Click  to continue anyway

" "Set-Cookie" "WRONGBROWSER=1; path=/; expires=$expires"

What I do not know is :
How to do a IF statement on two conditions (IF the WRONGBROWSER cookie does not exist AND if User-agent contains Mozilla THEN ...)How to capture the address the user was trying to reach and provide in my HTML page a link "Click here to continue" which would redirect the user to that specific address.
Would you know how I coul achieve this ?
Thanks in advance

fluidetom_12222 · Answer

OK for some reason the iRule is not properly displayed, so here's a stripped down version without the HTML code&nbsp;when HTTP_REQUEST {
    if { not ( [HTTP::cookie exists WRONGBROWSER] ) AND [class match [HTTP::header "User-Agent"] contains "Mozilla"]} {            set expires [clock format [clock seconds] -format "%A, %d-%b-%Y 20:00:00"]
        HTTP::respond 200 content "
            HTML
            click here to continue (with a link to https://whatever_he-was_trying_access
            /HTML
        " "Set-Cookie" "WRONGBROWSER=1; path=/; expires=$expires"
    }
}

arie · Answer

I'd recommend converting the User-Agent to lower case before doing the comparison:&nbsp;
[string tolower [HTTP::header "User-Agent"]]&nbsp;
However, the bigger problem I see is that virtually all browsers (including IE) feature the string "Mozilla" in the User-Agent header... (see http://www.useragentstring.com/pages/Internet%20Explorer/)&nbsp;

fluidetom_12222 · Answer

Hey&nbsp;
Thanks for the information. &nbsp;
I used "mozilla" because I did not know what else to use. 
Basically what I want to do is display that page to users using Firefox. 
Which user agent should I use then? &nbsp;

arie · Answer

If you search for the string "firefox" you should be fine. Here's the list.&nbsp;

fluidetom_12222 · Answer

OK so assuming my syntax is correct I'd have something like the iRule below.
How can I capture the address entered to the user so I can redirect him to that address once he click "Continue" on the warning page?
when HTTP_REQUEST {
    if { not ( [HTTP::cookie exists WRONGBROWSER] ) AND [class match [string tolower[HTTP::header "User-Agent"]] contains "firefox"]} {
        set expires [clock format [clock seconds] -format "%A, %d-%b-%Y 20:00:00"]
        HTTP::respond 200 content "
            HTML
            click here to continue (with a link to https://whatever_he-was_trying_access
            /HTML
        " "Set-Cookie" "WRONGBROWSER=1; path=/; expires=$expires"
    }
}

Forum Discussion

iRule to detect browser and display warning message

8 Replies

Recent Discussions

MAC address not showing up in LLDP packet

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Related Content

Display a warning on client browser when cipher suite mismatch

Cipher suite mismatch advertisement/warning

Expired ssl warning

Ending an APM session when browser tab is closed

About Bot Defense can't display