test for http response header, if not there set one

Question

the senario is, the webserver sometimes "forgot" to set http header. I would like a irule witch first is checking if the http header is ther. If the header is present (dont change). If the header is not the, insert a default value.&nbsp;
like :
when HTTP_RESPONCE {&nbsp;
test for the present of http header :
Access-Control-Allow-Credentials
Access-Control-Allow-Headers
Access-Control-Allow-Origin
if they have a value = do nothing.
if they do not then :
                        HTTP::header insert Access-Control-Allow-Credentials "true"
                        HTTP::header insert Access-Control-Allow-Headers ""
                        HTTP::header insert Access-Control-Allow-Origin ""&nbsp;
end&nbsp;

vitaliy_savrans · Answer

Hi,
you can use something like this:
when HTTP_RESPONSE {
if  !{[HTTP::header exists "Access-Control-Allow-Credentials"]} {
HTTP::header insert Access-Control-Allow-Credentials "value"
}
}

nitass · Answer

i think exclamation mark (!) should be inside curly brackets.
e.g.
 config

[root@ve11a:Active:In Sync] config  tmsh list ltm rule qux
ltm rule qux {
    when HTTP_RESPONSE {
  if { ![HTTP::header exists "Access-Control-Allow-Credentials"] } {
    HTTP::header insert "Access-Control-Allow-Credentials" "true"
  }

if { ![HTTP::header exists "Access-Control-Allow-Headers"] } {
    HTTP::header insert "Access-Control-Allow-Headers" ""
  }

if { ![HTTP::header exists "Access-Control-Allow-Origin"] } {
    HTTP::header insert "Access-Control-Allow-Origin" ""
  }
}
}

test

[root@ve11a:Active:In Sync] config  curl -I http://172.28.24.10
HTTP/1.1 200 OK
Date: Fri, 05 Sep 2014 11:06:09 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 09 Feb 2014 08:39:51 GMT
ETag: "41879c-59-2a9c23c0"
Accept-Ranges: bytes
Content-Length: 89
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers:
Access-Control-Allow-Origin:

nitass_89166 · Answer

i think exclamation mark (!) should be inside curly brackets.
e.g.
 config

[root@ve11a:Active:In Sync] config  tmsh list ltm rule qux
ltm rule qux {
    when HTTP_RESPONSE {
  if { ![HTTP::header exists "Access-Control-Allow-Credentials"] } {
    HTTP::header insert "Access-Control-Allow-Credentials" "true"
  }

if { ![HTTP::header exists "Access-Control-Allow-Headers"] } {
    HTTP::header insert "Access-Control-Allow-Headers" ""
  }

if { ![HTTP::header exists "Access-Control-Allow-Origin"] } {
    HTTP::header insert "Access-Control-Allow-Origin" ""
  }
}
}

test

[root@ve11a:Active:In Sync] config  curl -I http://172.28.24.10
HTTP/1.1 200 OK
Date: Fri, 05 Sep 2014 11:06:09 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 09 Feb 2014 08:39:51 GMT
ETag: "41879c-59-2a9c23c0"
Accept-Ranges: bytes
Content-Length: 89
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers:
Access-Control-Allow-Origin:

michael_108224 · Answer

thanks for your ideer. I have modified it a littel, trying to make it fit my vhost irule like :&nbsp;
switch $vhost {
         "domain1" {
               HTTP::version "1.1"
               HTTP::header remove Server
                }
         "domain2" {
if  !{[HTTP::header exists "Access-Control-Allow-Headers"]} {
HTTP::header insert Access-Control-Allow-Headers ""
}
if  !{[HTTP::header exists "Access-Control-Allow-Origin"]} {
HTTP::header insert Access-Control-Allow-Origin ""
}
if  !{[HTTP::header exists "Access-Control-Allow-Credentials"]} {
HTTP::header insert Access-Control-Allow-Credentials "true"
}
}
}&nbsp;
but I get this error in /var/log/ltm :&nbsp;
warning mcpd[7640]: 01071859:4: Warning generated : /Common/town-multi:518: warning: [use curly braces to avoid double substitution][!{[HTTP::header exists "Access-Control-Allow-Headers"]}] /Common/town-multi:521: warning: [use curly braces to avoid double substitution][!{[HTTP::header exists "Access-Control-Allow-Origin"]}] /Common/town-multi:524: warning: [use curly braces to avoid double substitution][!{[HTTP::header exists "Access-Control-Allow-Credentials"]}]&nbsp;
but it seemes to work....&nbsp;

michael_108224 · Answer

yes that made my error "go away" (as described belov)
Thanks

Forum Discussion

test for http response header, if not there set one

8 Replies

Recent Discussions

How to target only webview rendering with CSS?

ltm policy asm_auto_l7_policy

MAC address not showing up in LLDP packet

F5Access | MacOS Sonoma

Active- Active HA setup

Related Content

Introduction of Incident Response

Remove X- Headers From Web Server Response

custom response page for api

FIX Message Response

Security headers