Forum Discussion

T_Rajneesh's avatar
T_Rajneesh
Icon for Nimbostratus rankNimbostratus
Jul 03, 2019

iRule to disallow request Content-Length HTTP header from being sent by server

I have encountered the below error.

 

http_process_state_prepend - Invalid action:0x109010 Server sends too much data. serverside (10.10.10.10:80 -> 20.20.20.20:17587) clientside (149.126.75.14:17587 -> 172.16.172.23:443) (Server side: vip=/Common/vs_test.com_443 profile=http pool=/Common/pool_test_prod_80 server_ip=10.10.10.10)

 

I don't want t enable below passthou.invalid as it will apply for all Virtual server . So decide to use i-rule but not sure the below i-rule is correct or not. can you please help in correcting if it is wrong.

 

  1. To enable the tmm.http.passthru.invalid_content_length database key, type the following command:
  2. modify /sys db tmm.http.passthru.invalid_content_length value enable

 

 

i-rule is correct for disallowing Request Content-Length in the header from being sent from server.

 

when HTTP_REQUEST {

  if { [HTTP::method] eq "POST" } {

    HTTP::collect

  }

}

 

when HTTP_REQUEST_DATA {

  HTTP::header replace Content-Length [HTTP::payload length]

}

 

 

 

 

2 Replies

  • Hi,

    I'm not sure but I think you must remove header on the response event, like this way:

    when HTTP_RESPONSE {
        HTTP::header remove Content-Length
    }

    Unfortunately, I can't confirm if this is the best approach to solve the issue and remember to the notes from the article K42151600:

    Impact of workaround: The impact of the suggested workarounds depends on the specific environment. F5 recommends testing any such changes during a maintenance window with consideration to the possible impact on your specific environment.

    Note: The newly configured behavior is applied to new connections. Existing connections are not affected.

    Regards.

  • SWJO's avatar
    SWJO
    Icon for Cirrostratus rankCirrostratus

    Hi

    1. confidering chunk option in http profile

    2. If you know which url cause that error, using i-rule like this.

    when http_request or response {

    if http url ==myurl

    http disable

    }

    sorry for poor i-rule, not so clear syntax