NimbostratusI've got a lovely challenge where I need to remove the jsessionid content from an URI.
https://test.com/web/tabs;jsessionid=07E052F5D
This would be on the server back to the client so I'm thinking I can use a HTTP_RESPONSE event. I just don't know the easiest way to remove that content.
Any help would be appreciated :)
Employee
[root@ve1023:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.19.79:80
ip protocol 6
rules myrule
profiles {
http {}
stream {}
tcp {}
}
}
[root@ve1023:Active] config b pool foo list
pool foo {
members 200.200.200.101:80 {}
}
[root@ve1023:Active] config b rule myrule list
rule myrule {
when HTTP_REQUEST {
STREAM::disable
HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
if {[HTTP::header value Content-Type] contains "text"}{
STREAM::expression {@;jsessionid=\w{9}@@}
STREAM::enable
}
}
}
[root@ve1023:Active] config curl -i http://200.200.200.101/test.html
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2012 16:02:43 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 24 Jan 2012 15:58:04 GMT
ETag: "4183f2-a5-36565b00"
Accept-Ranges: bytes
Content-Length: 165
Set-Cookie: BROWSER=MOZILLA%20INTERNET_EXPLORER%20CHROME; path=/
Content-Type: text/html; charset=UTF-8
...
https://www.google.com/
https://test.com/web/tabs;jsessionid=07E052F5D
https://www.yahoo.com/
...
[root@ve1023:Active] config curl -i http://172.28.19.79/test.html
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2012 16:02:46 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 24 Jan 2012 15:58:04 GMT
ETag: "4183f2-a5-36565b00"
Accept-Ranges: bytes
Set-Cookie: BROWSER=MOZILLA%20INTERNET_EXPLORER%20CHROME; path=/
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
...
https://www.google.com/
https://test.com/web/tabs
https://www.yahoo.com/
...
Cirrostratus
when HTTP_REQUEST {
Check if the path contains a jsessionid
if {[HTTP::path] contains ";jsessionid="}{
Split the path on the jsession ID and update it to the first field
HTTP::path [getfield [HTTP::path] ";jsessionid=" 1]
}
}
Or if you need to hide the JSESSIONID from the client you'd need to rewrite the response content using an stream profile and STREAM::expression iRule. You could use a STREAM::expression like:
STREAM::expression {@;[jJ][sS][eE][sS][sS][iI][oO][nN][iI][dD]=[a-zA-Z0-9]*@@}
http://devcentral.f5.com/wiki/iRules.stream__expression.ashx
Aaron
Cirrostratus
David, here are a couple of small suggestions:
If the JSESSIONID is in mixed case and/or the value can be more than 9 hex characters you could use the stream expression from my example. Also, you might need to remove the JSESSIONID from redirects. If so, you can add this to Nitass's example in HTTP_RESPONSE:
Check if response is a redirect and the Location header has a jsessionid
if {[HTTP::is_redirect] and [HTTP::header Location] contains ";jsessionid="}{
Remove ;jsessionid= up until a ? which starts the query string
HTTP::header replace [string map [list [findstr [string tolower [HTTP::header Location]] ";jsessionid=" 12 "?"] ""] [HTTP::header Location]]
}
Aaron
Nimbostratus
I have a feeling the requirement is to remove the JSESSION data from the response content but I should know more this afternoon. I've never messed with stream profiles so this would be a first.
Thanks,