Contribute Open Script

[BRCD_OS_117] Prohibited HTTP Methods

by Yasir_Liaqatullah on ‎01-20-2012 03:16 PM (622 Views)

Area

Content inspection

Traffic

HTTP

Description

            This script analyzes the incoming request and looks the methods used in the request. Any requests that use administratively prohibited methods are responded with a reset to the client. Requests with allowed methods are forwarded to servers. The blocked methods are defined in the “BEGIN” section of the below script.

Performance Estimate

            TBD

Required Backend configuration

            No special configuration is required

Events and API Used

Events

API

HTTP_REQUEST

OS_HTTP_REQUEST::method

OS_SLB::reset_client

OS_SLB::forward

Script source code

# Purpose: Send RESET if request has any admin prohibited methods

# This script can be used to block valid but administratively blocked methods.

use OS_SLB;

use OS_HTTP_REQUEST;

# Customize the variables in sub BEGIN to match your network

sub BEGIN {

       @blocked_methods = ("POST", "PUT");

       $group_id = "30"

}

sub HTTP_REQUEST () {

       #print "HTTP Request event is triggered\n";

       # Below flag to track how the request should be dealt with

       my $final_action_flag = 0;

       my $req_method = OS_HTTP_REQUEST::method;

       foreach $method (@blocked_methods) {

              if ($method =~ m/^$req_method$/) {

                     $final_action_flag = 1; 

                     last;

              }

       }

       if ($final_action_flag) {

              OS_SLB::reset_client();

       } else {

              OS_SLB::forward("$group_id");

       }

}