aj_2511
Feb 12, 2008
Parse POST parameters
Hi,
I'm trying to do security iRules for my webmail application: iNotes.
This webmail uses a lot of POST requests to send parameters. Using HTTP Analyzer, I can see that the requests look like this:
-----------------------------7d81f87640cf4
Content-Disposition: form-data; name="%%ModDate"
-----------------------------7d81f87640cf4
Content-Disposition: form-data; name="%%PostCharset"
ISO-8859-1
-----------------------------7d81f87640cf4
Content-Disposition: form-data; name="h_SceneContext"
putAway['publishAction']&&&&&&putAway['publishFolderTitle']&&&&&&putAway['ME']&&&&&&putAway['publishFolderPageUnid']&&&&&&putAway['tocPosition']&&&&&&putAway['tmpText']&&&&&&putAway['selectedFolderIndex']&&&0&&&putAway['BSi']&&&&&&
-----------------------------7d81f87640cf4
Content-Disposition: form-data; name="h_EditAction"
h_Next
-----------------------------7d81f87640cf4
Content-Disposition: form-data; name="h_SetEditCurrentScene"
s_StdPageEdit
[...]
I'd like to be able to get each parameter to verify that there is no problem with size, specific characters, ...
The iRule I'm using to do this:
rule Security-Limit_Parameters_Size-Rule {
    when RULE_INIT {
        # Global settings shared by all connections
        set ::debug 1
        set ::max_post_param_length 500
    }
    when HTTP_REQUEST {
        switch [HTTP::method] {
            "GET" {
            }
            "POST" {
                # Buffer the whole request body so that HTTP_REQUEST_DATA fires
                HTTP::collect [HTTP::header Content-Length]
            }
        }
    }
    when HTTP_REQUEST_DATA {
        # Splitting on "&" and "=" assumes an x-www-form-urlencoded body.
        # Per-request state is kept in local variables, not in ::globals,
        # so that concurrent connections do not overwrite each other.
        set parametersList [split [HTTP::payload] "&"]
        for {set i 0} {$i < [llength $parametersList]} {incr i} {
            set parameter [split [lindex $parametersList $i] "="]
            log local0. "Parameter : [lindex $parameter 0]"
            if { [string length [lindex $parameter 1]] > $::max_post_param_length } {
                if { $::debug } {
                    log local0. "Triggered by IP : [IP::client_addr] with URI [HTTP::uri] and parameter length : [string length [lindex $parameter 1]]"
                }
                reject
            }
        }
    }
}
It seems that this iRule is not working, since I can't see the complete list of the parameters. Is there a way to do this on a content type which is not "x-www-form-urlencoded"?
Thanks for your help.
Regards,
-- Alexis
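
One way to apply the same size check to a multipart/form-data body like the capture above, as an added sketch that is not part of the original post and not F5's own code. The limits `max_body` and `max_value`, the choice to skip file-upload parts, and rejecting bodies larger than `max_body` are assumptions made for illustration.

```tcl
when HTTP_REQUEST {
    # Assumed limits for illustration; tune them to the application.
    set max_body  1048576   ;# largest body we are willing to buffer
    set max_value 500       ;# largest allowed form-field value
    if { [HTTP::method] ne "POST" } { return }
    set ctype [HTTP::header Content-Type]
    if { ![string match -nocase "multipart/form-data*" $ctype] } { return }
    set clen [HTTP::header Content-Length]
    # The part delimiter is "--" followed by the boundary= value of Content-Type.
    # Fail closed when the boundary or a sane Content-Length is missing.
    if { ![regexp -nocase {boundary="?([^";]+)} $ctype -> boundary]
         || ![string is integer -strict $clen] || $clen < 1 || $clen > $max_body } {
        reject
        return
    }
    set delim "--$boundary"
    HTTP::collect $clen
}
when HTTP_REQUEST_DATA {
    set body [HTTP::payload]
    set pos [string first $delim $body]
    while { $pos >= 0 } {
        set start [expr { $pos + [string length $delim] }]
        set pos [string first $delim $body $start]
        if { $pos < 0 } { break }   ;# we are past the closing "--boundary--"
        set part [string range $body $start [expr { $pos - 1 }]]
        # Inside a part, an empty line separates the headers from the value.
        set sep [string first "\r\n\r\n" $part]
        if { $sep < 0 } { continue }
        set headers [string range $part 0 [expr { $sep - 1 }]]
        # File uploads carry filename=; this sketch only checks plain fields.
        if { [string match -nocase "*filename=*" $headers] } { continue }
        if { ![regexp -nocase {name="([^"\r\n]*)"} $headers -> name] } { continue }
        # Drop the CRLF that precedes the next delimiter.
        set value [string range $part [expr { $sep + 4 }] end-2]
        if { [string length $value] > $max_value } {
            log local0. "Oversized field '$name' ([string length $value] bytes) from [IP::client_addr] on [HTTP::uri]"
            reject
            return
        }
    }
}
```

The field name is restricted to a single line before it is logged, so a crafted Content-Disposition header cannot inject extra log lines. Character checks on each `$value` would go next to the length test.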