Forum Discussion

Exploitation_Re's avatar
Exploitation_Re
Icon for Nimbostratus rankNimbostratus
Apr 10, 2019

Irule HTTP header remove

Hi,

 

I need to do an irule to remove arguments in a response HTTP header.

 

when HTTP_RESPONSE { HTTP::header remove Server HTTP::header remove X-Powered-By

 

}

 

But I want only on specific URI,

 

Can you help me please.

 

Regards

 

1 Reply

  • Hi Exploitation Reseau Almerys,

    you need to check the HTTP-Path (or HTTP::uri) within the

    HTTP_REQUEST
    event and then
    set
    a
    $variable
    with the outcome of the check (e.g. Boolean
    0|1
    ). The
    $variable
    can then be used to selectively remove HTTP-Response-Headers as needed.

    when HTTP_REQUEST {
        switch -glob -- [string tolower [HTTP::path]] {
            "/somepath/file.txt" {
                set remove_header 0
            }
            "/somepath/*" {
                set remove_header 1
            }
            "/somepath/*.txt" {
                set remove_header 0
            }
            "/somepath/*" {
                set remove_header 1
            }
            "/someotherpath/*" {
                set remove_header 1
            }
            "/someotherpath/file.txt" {
                 Note this wont work because the previous condition was already triggered.
                set remove_header 0
            }
            default {
                set remove_header 0
            }
        }
    }
    when HTTP_RESPONSE {
        if { $remove_header == 1 } then {
            HTTP::header remove "Server"
            HTTP::header remove "X-Powered-By"
        }
    }
    

    Cheers, Kai