Community Leaderboard

# Name Points
1 Kevin Stewart Kevin Stewart  8574
2 nitass nitass  2240
3 Cory Cory  1516
4 IheartF5 IheartF5  1511
5 Hamish Hamish  1176
Full Leaderboard »

DevCentral Latest Activity Stream

nitass answered the question URL Based redirection

5 seconds ago

Simon Waters commented on iRule Security 101 - #02 - HTTP Methods and Cross Site Tracing

Wondering if this has changed in recent versions at all?

Also thinking the method is back to front entirely, but that is easily fixed.

Since new methods may be added to HTTP, we should whitelist allowed methods not blacklist denied methods.

We can do that here, last time I did it was with Squid proxy 2.mumble, and there you could only "deny" methods in the config file, so I wrote a script to extract methods known from where they were enumerated in the Squid proxy header file, and deny all those not on my whitelist. Since Squid proxy has the decency to reject http methods it doesn't recognise this was adequate - of course it wasn't choosy out of the box and TRACE and all of WebDAV methods were allowed by default.

42 minutes ago

nitass answered the question HTTP/HTTPS Asymmetric-Routing iRule

55 minutes ago