ASM redirect on api call, does not generate a redirect for a user
Hi,
Looking to solve a problem with a ASM Policy. Where by i force it to redirect the user to a custom page explaining what has happened to their request. But when it blocks a background call (api service call) the browser page that generated the request is not enlightened by this. This is by no means a simple thing to resolve but am looking for the best practice solution to the issue that redirecting to a custom page does not handle all cases.
I thought maybe handling the ASM response in Irule might enable me to alter the response and deliver a different payload that would enable me to redirect to the custom page.
How do other people handle this background service call blocking issue if someone manages to incorrectly get blocked in a background process.
Thanks
So I have sorted out a solution to this albeit not very graceful. I could not get a popup of any type to display. What i did, in the custom response, Dropped a cookie, on the client machine, than on the next request read the cookie with an IRUle and deleted it, forcing a redirect to the block page at that point in time, and passing the support ID through the cookie i had created.
Not very graceful, as it doesnt redirect to the support page instantly, but it shows the support page afterwards. Bit of a hack, issue is that each request redirected by the Location: 302 redirect that works successfully does not delete the cookie, so the support page needs to also delete the cookie to stop repeated redirects.
irule:
when HTTP_REQUEST { set block_is_set [HTTP::cookie exists "Block-Cookie"] if {$block_is_set == 1} { set support_id [HTTP::cookie value "Block-Cookie"] HTTP::cookie remove "Block-Cookie" HTTP::respond 302 noserver Location "https://supportpageDomain/URLPath?support_id=$support_id" Connection close Set-Cookie "Block-Cookie=;expires=Thu, 01 Jan 1970 00:00:00 GMT" } }
Custom Response Header:
HTTP/1.1 302 OK Cache-Control: no-cache Pragma: no-cache Location: https://supportpageDomain/URLPath?support_id=<%TS.request.ID()%> set-cookie: Block-Cookie=<%TS.request.ID()%>; Path=/; HttpOnly; Secure