[HTTP::uri] contains "*"

Question

&nbsp;A vulnerability has been detected in the application, and if someone puts the character "*" in the url, it goes where it doesn't have to.we thought about doing a simple redirect, but it doesn't work.when HTTP_REQUEST {&nbsp;if { [HTTP::uri] equals "/" || [HTTP::uri] equals "/example1" || [HTTP::uri] contains "*" }{&nbsp;&nbsp;&nbsp;HTTP::redirect "https://[HTTP::host]/blabla/"}&nbsp;}the original irule did not have [HTTP :: uri] contains "*". has been put it and failed.any ideas please?&nbsp;thanks in advance&nbsp;

xuwen · Answer

use this code:when HTTP_REQUEST {	switch -glob [HTTP::uri] { {*[*]*} - "/" - "/example1" { HTTP::redirect "https://[HTTP::host]/blabla" }	}}&nbsp;

josep1 · Answer

great¡¡thank you very much¡¡. I try it and tell you.

Forum Discussion

[HTTP::uri] contains "*"

2 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Stable point of Configuration " Rescue Point "

F5 Partner Solution Showcase - "ImmuniWeb - Application Security Testing and Remediation"

F5 Partner Solution Showcase - "BlockAPT Platform - Command for Unified Visibility"

OpenSSL CVE-2022-3786 and CVE-2022-3602 or "The Critical that wasn't"

Modern Template "Decision Box" modify "title" item