iRule for disallow Request Content-Length in the header from being sent

Question

Hello All,&nbsp;
I'm facing this issue "Request Content-Length differs from actual request body length"&nbsp;

I have contact with the dev team, they have a workaround to disallow this value in the header from being sent, can I do the same on the BIG-IP via iRule?&nbsp;

abdessamad1 · Answer

It's better if the dev team fix their code to send the correct content length value.&nbsp;If that's not possible, you can disable the violation from your ASM blocking settings.&nbsp;Removing the header via irule might trigger other violations.&nbsp;But you can also recalculate the length in an iRule:&nbsp;when HTTP_REQUEST {
    if { [HTTP::method] eq "POST" } {
        HTTP::collect
    }
}
when HTTP_REQUEST_DATA {
    HTTP::header replace Content-Length [HTTP::payload length]
}

Forum Discussion

iRule for disallow Request Content-Length in the header from being sent

1 Reply

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

Logging DNS Requests

Node.js HTTP Message Body: Transfer-Encoding and Content-Length in LineRate lrs/virtualServer Module

Health monitor with login check and content length

F5 AWAF - bypass request based on the pressence of a request header - value