20 Lines or Less #18

What could you do with your code in 20 Lines or Less? That's the question I ask (almost) every week, and every week I go looking to find cool new examples that show just how flexible and powerful iRules can be without getting in over your head.

Back with more cool examples of what iRules can do in a scant 20 lines of code, this week's 20LoL brings you three different HTTP goodies.

 

Fully Decode URI

http://devcentral.f5.com/s/Wiki/default.aspx/iRules/FullyDecodeURI.html

This cool example from the wiki shows how you can ensure that your URI is not just decoded once, which can leave stray encoded characters behind, but that it's actually fully decoded. This is done with a while loop and a check to compare the decoded URI with the last pass. Take a look.

when HTTP_REQUEST {  # decode original URI.  set tmpUri [HTTP::uri]  set uri [URI::decode $tmpUri]  # repeat decoding until the decoded version equals the previous value.  while { $uri ne $tmpUri } {    set tmpUri $uri    set uri [URI::decode $tmpUri]  }  HTTP::uri $uri  # log local0. "Original URI: [HTTP::uri]"  # log local0. "Fully decoded URI: $uri"}

 

HTTP Track Unanswered Requests

If you're looking for a way to determine how many HTTP requests are still left open, or unanswered, then this is the iRule for you.  In yet another great example of iRules power and brevity, this example provides some nice utility as well.

when HTTP_REQUEST {  STATS::incr StatsDemo inFlight  if { [STATS::get StatsDemo inFlight] > [STATS::get StatsDemo inFlightMax] } {    STATS::set StatsDemo inFlightMax [STATS::get StatsDemo inFlight]  }}when HTTP_RESPONSE {  STATS::incr StatsDemo inFlight -1}

 

Cookie Encryption Gateway

If you're looking to encrypt/decrypt ALL cookies going in and out of a virtual in one fell swoop, then here's your solution.  Normal configuration of profiles requires you to state each cookie that's going to be encrypted. This iRule allows you to add or remove cookies from your application at will, while always being sure they're going to be secured.

when RULE_INIT {  # Exposed passphrase, but this key can be synchronized to the peer LTM    set ::passphrase "secret"  # Private passphrase, but it isn't synchronized.  On LTM failover to  # its peer, applications relying on the encrypted cookies will break.    # set ::passphrase [AES::key]}when HTTP_REQUEST {  foreach { cookieName } [HTTP::cookie names] {    HTTP::cookie decrypt $cookieName ::passphrase  }}when HTTP_RESPONSE {  foreach { cookieName } [HTTP::cookie names] {    HTTP::cookie encrypt $cookieName ::passphrase  }}
 

There they are, this week's 20 Lines or Less examples.  This series has been awesome fun so far and I'm constantly impressed with the kinds of things that can be done in less than 21 lines of code.  If you have any ideas, suggestions, comments, etc. please let me know. I'd love to hear your thoughts.  Until next time, code hard.

#Colin

Published Dec 31, 2008
Version 1.0
20 lines or less
20lines
application delivery
cookie
dev
devops
encryption
hardware
http
iRules

Was this article helpful?

No CommentsBe the first to comment