Jump to content
Welcome to our new Citrix community!

ICAP, WAF and content-length header


Recommended Posts

Hi community,

 

we will implement icap with bitdefender, and all works fine as long as there is no waf in the game. With waf, and I know that, the request content-length header name get's scrumbled (ntcoent-length, cteoont-length, ...). And I have to deliver content-length to bitdefender. So I can create icap header like

 

"content-length: "+HTTP.REQ.HEADER("ntcoent-length")+"\r\n" 

 

Actually I don't want to implement icap policy, action and profile for each variant of content-length and as the waf is setup using cic the only way to exclude these post-requests from waf inspection is to exclude http method POST from being inspected by waf. In non cic-world I would write an expression like "http.req.url.startswith("/UPLOADURL").not" as waf policy.

 

Anyone did icap in combination with waf being enabled?

 

Regards,

Nico

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...