Forum Discussion

RichardDumag's avatar
RichardDumag
Icon for Nimbostratus rankNimbostratus
Aug 16, 2021

iRules for 403 forbidden error

Is it possible to create an iRule to remove a specific post request header information to avoid the 403 forbidden error that is generated from an Oracle Apex application? For example the Origin ...
  • Enes_Afsin_Al's avatar
    Aug 17, 2021

    Hi RichardDumag,

    You can customize http profile for erase a request header.

    Local Traffic  ››  Profiles : Services : HTTP ›› http-profile ››  Request Header Erase

    Request Header Erase: Indicates the name of an HTTP request header that the BIG-IP system removes from the client request. Only one header can be removed per pool, unless you are using LTM Policies or iRules.

    iRule:

    when HTTP_REQUEST {
    	HTTP::header remove "Origin"
    }

    uri based:

    when HTTP_REQUEST {
    	if { [string tolower [HTTP::uri]] equals "/apex_extprd/wwv_flow.ajax" } {
    		HTTP::header remove "Origin"
    	}
    }