Forum Discussion

Chris_Wentland's avatar
Chris_Wentland
Icon for Nimbostratus rankNimbostratus
Apr 07, 2017

HTTP Rewrite of APM Webtop via iRule not functioning

I am working on a project to re-write an APM webtop with dynamic data, and have encountered an issue with capturing an XML file that is part of the webtop using an iRule. I have the exact same rule written for two separate files, one works, the other does not. I'm attaching a simplified version of the rule that logs the HTTP request, the variable that is being used to flag the capture of data in the response, and the response. Starting in version 12, the webtop is delivered in two XML files. I am able to capture and re-write the resource_info_v2.xml file without issue. I'm expanding the rule to document the payload of the request to ensure that the response for these two requests are not being combined in a single response. Any help would be greatly appreciated!

ISSUE: When using the irule below to capture the request for resource_list.xml, the attribute used to flag the capture of the HTTP::response information is reset by another HTTP request.

Files to capture: resource_list.xml which defines the lists of links on the webtop. resource_info_v2.xml which defines the specific links attributes on the webtop.

when CLIENT_ACCEPTED {
    Required in order to fire HTTP_* events on an APM enabled virtual server.
    ACCESS::restrict_irule_events disable
}

when HTTP_REQUEST {
    set debug 1
    set resource_list_capture 0

    if {$debug} { log local0. "Setting resource_list_capture variable to $resource_list_capture" }
    if {$debug} { log local0. "HTTP Resquest for: [HTTP::uri] " }

    if { [HTTP::path] ends_with "/resource_list.xml" } {
        set capture_path [HTTP::path]
        if {$debug} { log local0.alert "resource_list.xml request Identified" }
        set resource_list_capture 1
        if {$debug} { log local0. "Flag to capture resource_list.xml is set: $resource_list_capture" }
    } 
}

when HTTP_RESPONSE {
    if { $resource_list_capture } {
        if {$debug} { log local0. "Original request path: $capture_path" }
        if {$debug} { log local0. "Capture response for resource_list.xml in HTTP Response: $capture_path" }
    } else {
    if {$debug} { log local0. "Flag to capture resource_list.xml NOT FOUND during HTTP Response" }
    }
}

when HTTP_RESPONSE_DATA {
    if { $resource_list_capture } {
        if {$debug} { log local0. "Flag to capture resource_list.xml in HTTP Response DATA: $resource_list_capture" }
    } else {
    if {$debug} { log local0. "Flag to capture resource_list.xml NOT FOUND during HTTP Response Data" }
    }
}

Log file output for this rule:

Rule /Common/variable_test.rule : HTTP Resquest for: /vdesk/resource_list.xml
Rule /Common/variable_test.rule : resource_list.xml request Identified
Rule /Common/variable_test.rule : Flag to capture resource_list.xml is set: 1
Rule /Common/variable_test.rule : Setting resource_list_capture variable to 0
Rule /Common/variable_test.rule : HTTP Resquest for: /vdesk/resource_info_v2.xml?prtn=/Common/&na_res=SSLVPN.connect.ap_na_res&rd_res=RDG_Template
Rule /Common/variable_test.rule : Flag to capture resource_list.xml NOT FOUND during HTTP Response

7 Replies

  • Josiah_39459's avatar
    Josiah_39459
    Historic F5 Account

    If your logging timing is to be believe it looks like the request for /vdesk/resource_info_v2.xml comes before the response to /vdesk/resource_list.xml and thus unsets the flag. HTTP allows for multiple requests without waiting for a response (https://en.wikipedia.org/wiki/HTTP_pipelining) which seems like that's what it happening, right?

     

  • Hey Josiah! Basically, yes. That was my initial suspicion of what was occurring, although I am able to request specifically the /vdesk/resource_list.xml after logging in, and it will not process the HTTP_response section either. As a test,I logged in to the webtop. I changed the HTTP_response section to set the flag to 1 to begin with instead of zeroing it. I then changed my URL to /vdesk.resource_list.xml and the page loads. I never get a log entry from HTTP_response or HTTP_response_data.

    If you take this exact same iRule and replace the file with resource_info_v2.xml, it works with no issues. I've got that irule (listed below) applied to the same VS and it hits every time with no issues.

    when CLIENT_ACCEPTED {
        Required in order to fire HTTP_* events on an APM enabled virtual server.
        ACCESS::restrict_irule_events disable
    
    }
    
    when HTTP_REQUEST {
        set debug 1
        set resource_info_capture 0
    
        if {$debug} { log local0. "Setting resource_list_capture variable to $resource_info_capture" }
        if {$debug} { log local0. "HTTP Resquest for: [HTTP::uri] " }
    
        if { [HTTP::path] ends_with "/resource_info_v2.xml" } {
            set capture_path [HTTP::path]
            if {$debug} { log local0.alert "resource_info_v2.xml request Identified" }
            set resource_info_capture 1
            if {$debug} { log local0. "Flag to capture resource_info_v2.xml is set: $resource_info_capture" }
        } 
    }
    
    when HTTP_RESPONSE {
        if { $resource_info_capture } {
            if {$debug} { log local0. "Original request path: $capture_path" }
            if {$debug} { log local0. "Flag to capture resource_info_v2.xml in HTTP Response: $capture_path" }
            if { [HTTP::header exists "Content-Length"] and [HTTP::header "Content-Length"] <= 1048576 } {
                HTTP::collect [HTTP::header Content-Length]
            } else {
                HTTP::collect 1048576
            }
        } else {
        if {$debug} { log local0. "Flag to capture resource_info_v2.xml NOT FOUND during HTTP Response" }
        }
    }
    
    when HTTP_RESPONSE_DATA {
        if { $resource_info_capture } {
            if {$debug} { log local0. "Flag to capture resource_info_v2.xml in HTTP Response DATA: $resource_info_capture" }
            set log_payload [HTTP::payload]
            if {$debug} { log local0. "HTTP Payload: [HTTP::payload]" }
        } else {
        if {$debug} { log local0. "Flag to capture resource_info_v2.xml NOT FOUND during HTTP Response Data" }
        }
    }
    
  • I also added a the condition below... This should only set that variable if it does not exist already. This did get overwritten by the resource_info_v2.xml request. But I was able to change my path to /vdesk/resource_list.xml, and the log messages are below... I still never get an HTTP response, but I receive the data somehow.

    if { not[info exists resource_list_capture] } {
            set resource_list_capture 0
            if {$debug} { log local0. "Setting resource_list_capture variable to $resource_list_capture" }
        } else {
            if {$debug} { log local0. "Resource_list_capture variable already set to $resource_list_capture" }
        }
    
    Rule /Common/variable_test.rule : Setting resource_list_capture variable to 0
    Rule /Common/variable_test.rule : HTTP Resquest for: /vdesk/resource_list.xml
    Rule /Common/variable_test.rule : resource_list.xml request Identified
    Rule /Common/variable_test.rule : Flag to capture resource_list.xml is set: 1
    
  • Josiah_39459's avatar
    Josiah_39459
    Historic F5 Account

    Maybe it's cached. HTTP Response and HTTP Response Data are serverside events, so they won't fire if the content is served from memory cache. You'd have to make sure to intentionally invalidate the cache and request it from the server (which is in this case internal to the BIG-IP, but a server nonetheless)

     

  • Josiah_39459's avatar
    Josiah_39459
    Historic F5 Account

    If you can't get it uncached (in the memory cache settings) or use a trick to request it (like redirect base requests to request to "resource_list.xml?uniqueidentifer9813857120"), then there's probably no way around it, except creating a feature request to have it be no-caching or have a toggle setting somewhere.

     

  • Hey Josiah, I verified that the request and response headers should not be allowing cached content for this resource, and attempted to add the unique identifier. We still don't trigger the HTTP Response event. The issue overall is that the server is the APM itself. If I cannot change this XML file, I cannot write custom webtop links in version 12. I'm going to have to work on a feature request to resolve this issue at this point. We were using 11.6.1 which has a known bug with NTLM authentication that is critical to this configuration. The only resolved version in the 11.x train is 11.6.0 HF6. I don't want to be stuck in the older train of code, so moving forward is my only option at this point.

     

    Response Headers:

     

    * Cache-Control:no-cache, no-store

     

    * Connection:Close

     

    * Content-Length:424

     

    * Content-Type:text/xml

     

    * Pragma:no-cache

     

    * Server:BigIP

     

    Request Headers:

     

    * Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8

     

    * Accept-Encoding:gzip, deflate, sdch, br

     

    * Accept-Language:en-US,en;q=0.8

     

    * Cache-Control:max-age=0

     

    * Connection:keep-alive

     

    Rule /Common/variable_test.rule : HTTP Resquest for: /vdesk/resource_list.xml?uniqueidentifer9813857120

     

    Rule /Common/variable_test.rule : resource_list.xml request Identified

     

    Rule /Common/variable_test.rule : Flag to capture resource_list.xml is set: 1