Jump to content
Welcome to our new Citrix community!

A strange problem in the response policy that I can't solve, and I thought maybe someone could help me.


Or Shellyy

Recommended Posts

I am having a problem with a response policy that should check if two values are equal. If they are equal, I should get "true". If they are not equal, I should get "false".

However, I always get true, even if the values are equal and even if they are not equal.

 

For example, I am using the following expression:

HTTP.REQ.URL.PATH.EQ("/validTestOTP") && HTTP.REQ.BODY(500).AFTER_STR("PEM1=").BEFORE_STR("&").EQ(HTTP.REQ.BODY(500).AFTER_STR("PEM2=").BEFORE_STR("%%"))

 

When the body contains the following values:

GET /validTestOTP HTTP/1.1

Host: www.foobar.com

User-Agent: Mozilla Firefox/3.0.3

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-us,en;q=0.5

Accept-Encoding: gzip,deflate

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7

Keep-Alive: 300

Connection: keep-alive

Date: Thu, 09 Oct 2008 18:25:00 GMT

Cookie: sessionid=100xyz

 

PEM1=1&PEM2=2%%

I still get true, even though the values are not equal.

Link to comment
Share on other sites

I guess, there is something wrong about your expressions.

 

To debug, you could create a custom log entry like that (see here, if you don't know: https://norz.at/?p=572):

 

"Param 1: " + HTTP.REQ.BODY(500).AFTER_STR("PEM1=").BEFORE_STR("&") + " Param 2: " + HTTP.REQ.BODY(500).AFTER_STR("PEM2=").BEFORE_STR("%%")

 

This would log these substrings into syslog. you might watch the output in realtime by using # tail -F /var/log/ns.log | grep Param

Link to comment
Share on other sites

I just saw this is an HTTP GET? A GET containing a body is quite unusual. Server semantics for GET, however, are restricted such that a body, if any, has no semantic meaning to the request. The requirements on parsing are separate from the requirements on method semantics. So, yes, you can send a body with GET, and no, it is never useful to do so.

 

Probably that's why the policy fails. I didn't try to send an HTTP get with content to my NetScaler, so I could not give it a try. Probably, both expressions are empty and therefore equal? Or both of them are not defined and therefore equal? I don't know.

Link to comment
Share on other sites

On 12/29/2023 at 10:52 AM, Johannes Norz said:

I just saw this is an HTTP GET? A GET containing a body is quite unusual. Server semantics for GET, however, are restricted such that a body, if any, has no semantic meaning to the request. The requirements on parsing are separate from the requirements on method semantics. So, yes, you can send a body with GET, and no, it is never useful to do so.

 

Probably that's why the policy fails. I didn't try to send an HTTP get with content to my NetScaler, so I could not give it a try. Probably, both expressions are empty and therefore equal? Or both of them are not defined and therefore equal? I don't know.

Thank you very much for the response,

I tried to make a GET request and it's still not working for me. Please take a look at the pictures I sent. 

I am trying to create a request that checks if the OTP I enter matches what is received in the body. So, I am attempting to create a response that does that.

Equal.jpeg

not Equal.jpeg

Link to comment
Share on other sites

  • 2 weeks later...

Well, these are no GET, but POST messages. That's a very different piece of cake, and it makes sense to me. Never mix up GET and POST! (see https://www.rfc-editor.org/rfc/rfc9110.html#name-method-definitions)

 

I have double-checked your expressions, and they evaluate 1 and 2.

 

HTTP.REQ.BODY(500).AFTER_STR("PEM1=").BEFORE_STR("&").EQ("2")

 returns false

HTTP.REQ.BODY(500).AFTER_STR("PEM2=").BEFORE_STR("%%").EQ("1")

 returns false

HTTP.REQ.BODY(500).AFTER_STR("PEM1=").BEFORE_STR("&").EQ(HTTP.REQ.BODY(500).AFTER_STR("PEM2=").BEFORE_STR("%%"))

 returns true

 

I can't help.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...