APIRef_tm_ltm_profile_http

mgmt/tm/ltm/profile/http

/tm/ltm/profile

Virtual server HTTP traffic profile configuration

REST Endpoints

Collection URI
/mgmt/tm/ltm/profile/http
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/ltm/profile/http/~resource id
Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
Resource Natural Key
name, partition, subPath

Properties

Name Type Default Value Required Access Description
acceptXff string disabled optional read/write Enables or disables trusting the client IP address, and statistics from the client IP address, based on the request’s XFF (X-forwarded-for) headers, if they exist.
appService string   optional read/write The application service to which the object belongs.
basicAuthRealm string   optional read/write Specifies a quoted string for the basic authentication realm. The system sends this string to a client whenever authorization fails. The default value is none.
defaultsFrom string   optional read/write Specifies the profile that you want to use as the parent profile. Your new profile inherits all settings and values from the parent profile specified.
description string   optional read/write User defined description.
encryptCookieSecret string   optional read/write Specifies a passphrase for the cookie encryption.
encryptCookies string   optional read/write Encrypts specified cookies that the BIG-IP system sends to a client system.
fallbackHost string   optional read/write Specifies an HTTP fallback host. HTTP redirection allows you to redirect HTTP traffic to another protocol identifier, host name, port number, or URI path. For example, if all members of the targeted pool are unavailable (that is, the members are disabled, marked as down, or have exceeded their connection limit), the system can redirect the HTTP request to the fallback host, with the HTTP reply Status Code 302 Found.
fallbackStatusCodes string   optional read/write Specifies one or more three-digit status codes that can be returned by an HTTP server.
headerErase string   optional read/write Specifies the header string that you want to erase from an HTTP request. You can also specify none.
headerInsert string   optional read/write Specifies a quoted header string that you want to insert into an HTTP request. You can also specify none. The HTTP header being inserted can include a client IP address. Including a client IP address in an HTTP header is useful when a connection goes through a secure network address translation (SNAT) and you need to preserve the original client IP address. When you assign the configured HTTP profile to a virtual server, the system then inserts the header specified by the profile into any HTTP request that the system sends to a pool or pool member.
insertXforwardedFor string disabled optional read/write When using connection pooling, which allows clients to make use of other client requests’ server-side connections, you can insert the X-Forwarded-For header and specify a client IP address.
lwsSeparator string   optional read/write Specifies the linear white space separator that the system should use between HTTP headers when a header exceeds the maximum width specified by the lws width setting.
lwsWidth integer 80 optional read/write Specifies the maximum number of columns allowed for a header that is inserted into an HTTP request.
oneconnectTransformations string   optional read/write Enables the system to perform HTTP header transformations for the purpose of keeping server-side connections open. This feature requires configuration of a OneConnect profile.
tmPartition string Common optional read/write Displays the administrative partition within which this profile resides.
proxyType string reverse optional read/write Specifies the type of HTTP proxy.
redirectRewrite string none optional read/write Specifies which of the application HTTP redirects the system rewrites to HTTPS. Use this feature when the application is generating HTTP redirects that send the client to HTTP (a non-secure channel) when you want the client to continue accessing the application using HTTPS (a secure channel). This is a common occurrence when using client-side SSL processing on a BIG-IP system.
requestChunking string preserve optional read/write Specifies how to handle chunked and unchunked requests.
responseChunking string preserve optional read/write Specifies how to handle chunked and unchunked responses.
responseHeadersPermitted string   optional read/write Specifies headers that the BIG-IP system allows in an HTTP response.
serverAgentName string BigIP optional read/write Specifies the value of the Server header in responses that the BIG-IP itself generates. The default is “BigIP”. If no string is specified, then no Server header will be added to such responses.
viaHostName string   optional read/write Specifies the hostname to include into Via header.
viaRequest string preserve optional read/write Specifies whether to append, remove, or preserve a Via header in an HTTP request.
viaResponse string preserve optional read/write Specifies whether to append, remove, or preserve a Via header in an HTTP response.
xffAlternativeNames string   optional read/write Specifies alternative XFF headers instead of the default X-forwarded-for header.

Structures

Name Type Default Value Required Access Description
/enforcement array_structure   optional read/write  
/enforcement/excess-client-headers string reject optional read/write Specifies the behavior when too many client headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/excess-server-headers string reject optional read/write Specifies the behavior when too many server headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/known-methods string CONNECT DELETE GET HEAD LOCK OPTIONS POST PROPFIND PUT TRACE UNLOCK optional read/write Specifies which HTTP methods count as being known. Removing RFC-defined methods from this list will cause the HTTP filter to not recognize them.
/enforcement/max-header-count integer 64 optional read/write Specifies the maximum number of headers allowed in HTTP request/response. The default is 64 headers.
/enforcement/max-header-size integer 32768 optional read/write Specifies the maximum header size.
/enforcement/max-requests integer   optional read/write Specifies the number of requests that the system accepts on a per-connection basis. The default value is 0 (zero), which means the system does not limit the number of requests per connection.
/enforcement/oversize-client-headers string reject optional read/write Specifies the behavior when too-large client headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/oversize-server-headers string reject optional read/write Specifies the behavior when too-large server headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/pipeline string allow optional read/write Enables HTTP/1.1 pipelining. This allows clients to make requests even when prior requests have not received a response. In order for this to succeed, however, destination servers must include support for pipelining. If set to pass-through, pipelined data will cause the BigIP to immediately switch to pass-through mode and disable the HTTP filter.
/enforcement/truncated-redirects string disabled optional read/write Specifies what happens if a truncated redirect is seen from a server. If enabled, the redirect will be forwarded to the client, otherwise the malformed HTTP will be silently ignored.
/enforcement/unknown-method string allow optional read/write Specifies whether to allow, reject or switch to pass-through mode when an unknown HTTP method is parsed.
/enforcement/excess-client-headers string reject optional read/write Specifies the behavior when too many client headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/excess-server-headers string reject optional read/write Specifies the behavior when too many server headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/known-methods string CONNECT DELETE GET HEAD LOCK OPTIONS POST PROPFIND PUT TRACE UNLOCK optional read/write Specifies which HTTP methods count as being known. Removing RFC-defined methods from this list will cause the HTTP filter to not recognize them.
/enforcement/max-header-count integer 64 optional read/write Specifies the maximum number of headers allowed in HTTP request/response. The default is 64 headers.
/enforcement/max-header-size integer 32768 optional read/write Specifies the maximum header size.
/enforcement/max-requests integer   optional read/write Specifies the number of requests that the system accepts on a per-connection basis. The default value is 0 (zero), which means the system does not limit the number of requests per connection.
/enforcement/oversize-client-headers string reject optional read/write Specifies the behavior when too-large client headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/oversize-server-headers string reject optional read/write Specifies the behavior when too-large server headers are received. If enabled, will switch to pass through mode instead of rejecting the connection.
/enforcement/pipeline string allow optional read/write Enables HTTP/1.1 pipelining. This allows clients to make requests even when prior requests have not received a response. In order for this to succeed, however, destination servers must include support for pipelining. If set to pass-through, pipelined data will cause the BigIP to immediately switch to pass-through mode and disable the HTTP filter.
/enforcement/truncated-redirects string disabled optional read/write Specifies what happens if a truncated redirect is seen from a server. If enabled, the redirect will be forwarded to the client, otherwise the malformed HTTP will be silently ignored.
/enforcement/unknown-method string allow optional read/write Specifies whether to allow, reject or switch to pass-through mode when an unknown HTTP method is parsed.
/explicit-proxy array_structure   optional read/write  
/explicit-proxy/bad-request-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because the request was malformed.
/explicit-proxy/bad-response-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because the response was malformed.
/explicit-proxy/connect-error-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because of a failure to establish the outbound connection.
/explicit-proxy/default-connect-handling string deny optional read/write Specifies the behavior of the proxy service for CONNECT requests. If set to ‘deny’, CONNECT requests will only be honored if there is another virtual server listening for the requested outbound connection. If set to ‘allow’ outbound connections will be made regardless of other virtual servers.
/explicit-proxy/dns-error-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because of a failure to resolve the hostname in the request.
/explicit-proxy/dns-resolver string   optional read/write Specifies the dns-resolver object that will be used to resolve hostnames in proxy requests.
/explicit-proxy/host-names string   optional read/write Specifies the which host names are to be treated as local. Proxy requests made for those hosts will be treated as regular HTTP requests and will be sent to the configured default pool.
/explicit-proxy/route-domain string   optional read/write Specifies the route-domain that will be used for outbound proxy requests.
/explicit-proxy/tunnel-name string   optional read/write Specifies the tunnel that will be used for outbound proxy requests. This enables other virtual servers to receive connections initiated by the proxy service.
/explicit-proxy/bad-request-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because the request was malformed.
/explicit-proxy/bad-response-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because the response was malformed.
/explicit-proxy/connect-error-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because of a failure to establish the outbound connection.
/explicit-proxy/default-connect-handling string deny optional read/write Specifies the behavior of the proxy service for CONNECT requests. If set to ‘deny’, CONNECT requests will only be honored if there is another virtual server listening for the requested outbound connection. If set to ‘allow’ outbound connections will be made regardless of other virtual servers.
/explicit-proxy/dns-error-message string   optional read/write Specifies the error message that will be returned to the browser when a proxy request can’t be completed because of a failure to resolve the hostname in the request.
/explicit-proxy/dns-resolver string   optional read/write Specifies the dns-resolver object that will be used to resolve hostnames in proxy requests.
/explicit-proxy/host-names string   optional read/write Specifies the which host names are to be treated as local. Proxy requests made for those hosts will be treated as regular HTTP requests and will be sent to the configured default pool.
/explicit-proxy/route-domain string   optional read/write Specifies the route-domain that will be used for outbound proxy requests.
/explicit-proxy/tunnel-name string   optional read/write Specifies the tunnel that will be used for outbound proxy requests. This enables other virtual servers to receive connections initiated by the proxy service.
/hsts array_structure   optional read/write  
/hsts/include-subdomains string enabled optional read/write Specifies whether to include the includeSubdomains directive in the HSTS header. The default is enabled.
/hsts/maximum-age integer 16070400 optional read/write Specifies the maximum age to assume the connection should remain secure. The default is 16070400 seconds.
/hsts/mode string disabled optional read/write Specifies whether to include the HSTS response header. The default is disabled
/hsts/preload string disabled optional read/write Specifies whether to include the preload directive in the HSTS header. The default is disabled.
/hsts/include-subdomains string enabled optional read/write Specifies whether to include the includeSubdomains directive in the HSTS header. The default is enabled.
/hsts/maximum-age integer 16070400 optional read/write Specifies the maximum age to assume the connection should remain secure. The default is 16070400 seconds.
/hsts/mode string disabled optional read/write Specifies whether to include the HSTS response header. The default is disabled
/hsts/preload string disabled optional read/write Specifies whether to include the preload directive in the HSTS header. The default is disabled.
/sflow array_structure   optional read/write  
/sflow/poll-interval integer 0 optional read/write Specifies the maximum interval in seconds between two pollings. To enable this setting, you must also set the poll-interval-global setting to no.
/sflow/poll-interval-global string yes optional read/write Specifies whether the global HTTP poll-interval setting overrides the object-level poll-interval setting. The default value is yes.
/sflow/sampling-rate integer 0 optional read/write Specifies the ratio of packets observed to the samples generated. For example, a sampling rate of 2000 specifies that 1 sample will be randomly generated for every 2000 packets observed. To enable this setting, you must also set the sampling-rate-global setting to no.
/sflow/sampling-rate-global string yes optional read/write Specifies whether the global HTTP sampling-rate setting overrides the object-level sampling-rate setting. The default value is yes.
/sflow/poll-interval integer 0 optional read/write Specifies the maximum interval in seconds between two pollings. To enable this setting, you must also set the poll-interval-global setting to no.
/sflow/poll-interval-global string yes optional read/write Specifies whether the global HTTP poll-interval setting overrides the object-level poll-interval setting. The default value is yes.
/sflow/sampling-rate integer 0 optional read/write Specifies the ratio of packets observed to the samples generated. For example, a sampling rate of 2000 specifies that 1 sample will be randomly generated for every 2000 packets observed. To enable this setting, you must also set the sampling-rate-global setting to no.
/sflow/sampling-rate-global string yes optional read/write Specifies whether the global HTTP sampling-rate setting overrides the object-level sampling-rate setting. The default value is yes.
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.