-
-
-
默认语法表达式和策略的摘要示例
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
默认语法表达式和策略的摘要示例
下表提供了默认语法表达式的示例,您可以将其用作自己的默认语法表达式的基础。
表 1. 默认语法表达式示例
| 表达式类型 | 示例表达式 |
|---|---|
| 查看 HTTP 请求中使用的方法。 | http.req.method.eq(post) http.req.method.eq(get) |
| 检查 HTTP 请求(req)或响应(res)中的缓存控制或 Pragma 标头值。 |
http.req.header("Cache-Control").contains("no-store") http.req.header("Cache-Control").contains("no-cache") http.req.header("Pragma").contains("no-cache") http.res.header("Cache-Control").contains("private") http.res.header("Cache-Control").contains("public") http.res.header("Cache-Control").contains("must-revalidate")http.res.header("Cache-Control").contains ("proxy-revalidate") http.res.header("Cache-Control").contains("max-age")
|
| 检查请求(req)或响应(res)中是否存在标头。 | http.req.header("myHeader").exists http.res.header("myHeader").exists |
| 根据文件扩展名在 HTTP 请求中查找特定的文件类型。 | http.req.url.contains(".html") http.req.url.contains(".cgi")http.req.url.contains(".asp") http.req.url.contains(".exe") http.req.url.contains(".cfm") http.req.url.contains(".ex") http.req.url.contains(".shtml") http.req.url.contains(".htx") http.req.url.contains("/cgi-bin/") http.req.url.contains("/exec/") http.req.url.contains("/bin/") |
| 在 HTTP 请求中查找除特定文件类型以外的任何内容。 | http.req.url.contains(".gif").not; http.req.url.contains(".jpeg").not |
| 根据内容类型标头检查正在 HTTP 响应中发送的文件的类型。 | http.res.header("Content-Type").contains("text") http.res.header("Content-Type").contains "application/msword") http.res.header("Content-Type").contains("vnd.ms-excel") http.res.header("Content-Type").contains("application/vnd.ms-powerpoint"); http.res.header("Content-Type").contains("text/css"); http.res.header("Content-Type").contains("text/xml"); http.res.header("Content-Type").contains("image/") |
| 检查此响应是否包含过期标头。 | http.res.header("Expires").exists |
| 检查响应中的 Set-Cookie 标头。 | http.res.header("Set-Cookie").exists |
| 检查发送响应的代理。 | http.res.header("User-Agent").contains("Mozilla/4.7") http.res.header("User-Agent").contains("MSIE") |
| 检查请求正文的前 1024 字节是否以字符串“某些文本”开头。 | http.req.body(1024).contains("some text") |
下表显示了常用函数的策略配置和绑定示例。
表 2. 默认语法表达式和策略示例
| 用途 | 示例 |
|---|---|
使用重写功能可替换 HTTP 响应正文中出现的 http:// with https://。 |
add rewrite action httpRewriteAction replace_all http.res.body(50000) "\"https://\"" -pattern http:// add rewrite policy demo_rep34312 "http.res.body(50000).contains(\"http://\")" httpRewriteAction |
| 在 HTTP 正文的前 1000 个字节中,将所有出现的“abcd”替换为“1234”。 | add rewrite action abcdTo1234Action replace_all "http.req.body(1000)" "\"1234\"" -pattern abcd add rewrite policy abcdTo1234Policy "http.req.body(1000).contains(\"abcd\")" abcdTo1234Action bind rewrite global abcdTo1234Policy 100 END -type REQ_OVERRIDE |
| 将 HTTP 版本降级为 1.0,以防止服务器对 HTTP 响应进行分块处理。 | add rewrite action downgradeTo1.0Action replace http.req.version.minor "\"0\"" add rewrite policy downgradeTo1.0Policy "http.req.version.minor.eq(1)" downgradeTo1.0Action bind lb vserver myLBVserver -policyName downgradeTo1.0Policy -priority 100 -gotoPriorityExpression NEXT -type REQUEST |
| 删除所有响应中对 HTTP 或 HTTPS 协议的引用,以便如果用户的连接是 HTTP,则使用 HTTP 打开链接,如果用户的连接是 HTTPS,则使用 HTTPS 打开链接。 | add rewrite action remove_http_https replace_all "http.res.body(1000000).set_text_mode(ignorecase)" "\"//\"" -pattern "re~https?://|HTTPS?://~" add rewrite policy remove_http_https true remove_http_https bind lb vserver test_vsvr -policyName remove_http_https -priority 20 -gotoPriorityExpression NEXT -type RESPONSE |
| 将 http 的实例重写到 https:在所有 URL 中。 | add responder action httpToHttpsAction redirect "\"https://\" + http.req.hostname + http.req.url" -bypassSafetyCheck YES add responder policy httpToHttpsPolicy "!CLIENT.SSL.IS_SSL" httpToHttpsAction bind responder global httpToHttpsPolicy 1 END -type OVERRIDE |
| 修改 URL 以从 URL A 重定向到 URL B。在此示例中,“file5.html”会附加到路径中。 | add responder action appendFile5Action redirect \"http://\" + http.req.hostname + http.req.url + \"/file5.html\"" -bypassSafetyCheck YES add responder policy appendFile5Policy "http.req.url.eq(\"/testsite\")" appendFile5Action bind responder global appendFile5Policy 1 END -type OVERRIDE |
| 将外部 URL 重定向到内部 URL。 | add rewrite action act_external_to_internal REPLACE 'http.req.hostname.server' '"www.my.host.com"' add rewrite policy pol_external_to_internal 'http.req.hostname.server.eq("www.external.host.com")' act_external_to_internal bind rewrite global pol_external_to_internal 100 END -type REQ_OVERRIDE |
| 将请求重定向到具有查询字符串的 www.example.com。值 n 从查询字符串中的服务器参数派生,例如,server=5。 | add rewrite action act_redirect_query REPLACE q#http.req.header("Host").before_str(".example.com")' '"Web" + http.req.url.query.value("server")# add rewrite policy pol_redirect_query q#http.req.header("Host").eq("www.example.com") && http.req.url.contains("?")' act_redirect_query# |
| 限制来自 URL 的每秒请求数。 | add ns limitSelector ip_limit_selector http.req.url "client.ip.src" add ns limitIdentifier ip_limit_identifier -threshold 4 -timeSlice 3600 -mode request_rate -limitType smooth -selectorName ip_limit_selector add responder action my_Web_site_redirect_action redirect "\"http://www.mycompany.com/\"" add responder policy ip_limit_responder_policy "http.req.url.contains(\"myasp.asp\") && sys.check_limit (\"ip_limit_identifier\")" my_Web_site_redirect_action bind responder global ip_limit_responder_policy 100 END -type default |
| 检查客户端 IP 地址,但在不修改请求的情况下传递请求。 | add rewrite policy check_client_ip_policy 'HTTP.REQ.HEADER ("x-forwarded-for").EXISTS HTTP.REQ.HEADER ("client-ip").EXISTS' NOREWRITE bind rewrite global check_client_ip_policy 100 END |
| 从请求中删除旧标头并插入 NS-客户端标头。 | add rewrite action del_x_forwarded_for delete_http_header x-forwarded-for add rewrite action del_client_ip delete_http_header client-ip add rewrite policy check_x_forwarded_for_policy 'HTTP.REQ.HEADER("x-forwarded-for").EXISTS' del_x_forwarded_for add rewrite policy check_client_ip_policy 'HTTP.REQ.HEADER("client-ip").EXISTS' del_client_ip add rewrite action insert_ns_client_header insert_http_header NS-Client 'CLIENT.IP.SRC' add rewrite policy insert_ns_client_policy 'HTTP.REQ.HEADER("x-forwarded-for").EXISTS HTTP.REQ.HEADER("client-ip").EXISTS' insert_ns_client_header bind rewrite global check_x_forwarded_for_policy 100 200 bind rewrite global check_client_ip_policy 200 300 bind rewrite global insert_ns_client_policy 300 END |
| 从请求中删除旧标头,插入 NS-客户端标头,然后修改“插入标头”操作,以便插入标头的值包含旧标头和 Citrix ADC 设备的连接 IP 地址中的客户端 IP 值。请注意,此示例重复前面的示例,但最终集合重写操作除外。 | add rewrite action del_x_forwarded_for delete_http_header x-forwarded-for add rewrite action del_client_ip delete_http_header client-ip add rewrite policy check_x_forwarded_for_policy 'HTTP.REQ.HEADER("x-forwarded-for").EXISTS' del_x_forwarded_for add rewrite policy check_client_ip_policy 'HTTP.REQ.HEADER("client-ip").EXISTS' del_client_ip add rewrite action insert_ns_client_header insert_http_header NS-Client 'CLIENT.IP.SRC' add rewrite policy insert_ns_client_policy 'HTTP.REQ.HEADER("x-forwarded-for").EXISTS HTTP.REQ.HEADER("client-ip").EXISTS' insert_ns_client_header bind rewrite global check_x_forwarded_for_policy 100 200 bind rewrite global check_client_ip_policy 200 300 bind rewrite global insert_ns_client_policy 300 END set rewrite action insert_ns_client_header -stringBuilderExpr 'HTTP.REQ.HEADER("x-forwarded-for").VALUE(0) + " " + HTTP.REQ.HEADER("client-ip").VALUE(0) + " " + CLIENT.IP.SRC' -bypassSafetyCheck YES |
共享
共享
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.