DJDX21_252164
May 17, 2016Cirrus
Strict-Transport-Security (HSTS) header throws Operation not supported errors
This is my iRule to add "Strict-Transport-Security" header to my http response code.
when HTTP_RESPONSE {
set strictTransportSecurityHeader {Strict-Transport-Security}
if { [HTTP::header exists $strictTransportSecurityHeader] } {
HTTP::header remove $strictTransportSecurityHeader
}
HTTP::header insert $strictTransportSecurityHeader {max-age=31536000; includeSubDomains}
}
This works fine and I get this "Strict-Transport-Security: max-age=31536000; includeSubDomains" as output.
But it throws warnings in monitoring tool
01220001:3: TCL error: /Common/StrictTransportSecurity_HSTS - Operation not supported (line 7) invoked from within "HTTP::header insert $strictTransportSecurityHeader {max-age=31536000; includeSubDomains}" Errors. Any idea what might be going wrong?