authorization header are dropped

Hi Guy,

1. There is some problems. In UAT,

HTTP::header remove X-Forward-For

line may include misspelling. Correct version must be:

HTTP::header remove X-Forwarded-For

2. In UAT, if X-Forwaded-For header exists, then new X-forwarded-for header is added. (In the if statement,

HTTP::header insert X-Forwarded-For [IP::client_addr]

)

3.In UAT, and PROD if X-Forwaded-For header does not exist, then a X-forwarded-for header is added. (In the else statements,

HTTP::header insert X-Forwarded-For [IP::client_addr]

)

4. In PROD if X-Forwaded-For header exists, then Client IP is added into the existing X-forwarded-for header . (In the if statement,

HTTP::header replace X-Forwarded-For "[HTTP::header X-Forwarded-For], [IP::client_addr]"

)

Hi,

to sum UP:

In UAT if "X-Forwarded-For" exist you add an additional value using this command (and even if this header don't exist you insert X-Forwarded-For header in else condition):

HTTP::header insert X-Forwarded-For [IP::client_addr]

In production you check if "X-Forwarded-For" header exist, if yes you replace value by:

HTTP::header replace X-Forwarded-For "[HTTP::header X-Forwarded-For], [IP::client_addr]"

but you made a mistake you forget values in command:

HTTP::header replace X-Forwarded-For "[HTTP::header values X-Forwarded-For][IP::client_addr]"

So modify text your irule production by:

when HTTP_REQUEST { 
if {[HTTP::header exists X-Forwarded-For]}{
    HTTP::header replace X-Forwarded-For "[HTTP::header values X-Forwarded-For], [IP::client_addr]" 
} else { 
HTTP::header insert X-Forwarded-For [IP::client_addr] 
}

Keep me update.

regards