Bug ID 464833: HTTP::uri cannot follow HTTP::respond inside ACCESS_ACL_ALLOWED

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP None(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Opened: May 29, 2014

Severity: 3-Major

Symptoms

If there are two events (as following), they will not work together properly. iRule #1 -------- when ACCESS_ACL_ALLOWED { set type [ACCESS::session data get type] if { !($type starts_with "test") } { if { [HTTP::uri] == "/" } { ACCESS::respond 302 Location "https://[HTTP::host]/test/" } } } iRule #2 -------- when ACCESS_ACL_ALLOWED { if { [HTTP::uri] contains "logout" } { after 1 { ACCESS::session remove } } }

Impact

iRule execution error will occur.

Conditions

iRule #1 (with event ACCESS_ACL_ALLOWED, HTTP::respond) has higher priority than iRule #2 (ACCESS_ACL_ALLOWED, HTTP::uri).

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips