Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Strip HTTP Origin header based on its value before hit the ASM

Hi Everyone

Our app using CORS, and it's working normally with correct origin headers:

Origin: <scheme> "://" <hostname> [ ":" <port> ]

But also all mobile clients sending Origin header with value 'file://' this causes (Illegal cross-origin request)

POST /xxx/yyy HTTP/1.1
Host: ddd:8001
Connection: keep-alive
Content-Length: 2
Accept: application/json, text/plain, */*
Origin: file://

i want to add iRule to Strip this header Origin: file:// before hit the ASM and allow normal Origin headers like: Origin: https://xyz.com:8080 Origin: https://xyz.com:8090

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Mohanad,

use the iRule below to remove every Origin header that starts_with the string file://.

when HTTP_REQUEST {
    if { [HTTP::header value "Origin"] starts_with "file://" } then {
        HTTP::header remove "Origin"
    }
}

Cheers, Kai

0
Comments on this Answer
Comment made 1 month ago by Mohanad 172

Thank you Kai, can i log this action? is this the right syntax?

 when HTTP_REQUEST {
    if { [HTTP::header value "Origin"] starts_with "file://" } then {
        HTTP::header remove "Origin"
        log local0. "Removing $header: [HTTP::header value $header]"
    }
}
0
Comment made 1 month ago by Kai Wilke 6861

Hi Mohanad,

your log statement refers to the non-existing TCL variable $header, so it will most likely create a TCL runtime excemption and reset the ongoing TCP connection.

The iRule below contains some additional log lines for you...

when HTTP_REQUEST {
    if { [HTTP::header value "Origin"] starts_with "file://" } then {
        log local0.debug "Found Origin request header referencing local ressources: [HTTP::header value "Origin"]"
        HTTP::header remove "Origin"
        log local0.debug "Cleared Origin header... [HTTP::header value "Origin"]"
    }
}

Cheers, Kai

0
Comment made 1 month ago by Mohanad 172

Thank you Kai for the iRule, you're awesome :D, i don't have any irule skill :(

Cheers, Mohanad

0