HTTP::respond

Description¶

Generates a response to the client as if it came from the server. If
the command runs on the client side, it sends the response to the
client without any load balancing taking place. If the command runs on
the server side, the content from the actual server is discarded and
replaced with the information provided.
The BIG-IP will send the response as soon as the current iRule event
completes, so you cannot alter the response in other HTTP iRule
events. Also, this command will not work if another response has
already been sent to the client (for example, by invoking
HTTP::redirect). If the client’s HTTP
request is not using http keep-alive (eg, it sent ‘Connection: Close’
in the request, or is using HTTP/1.0), then the HTTP profile will
close the clientside connection after sending the response.
By default, the response generated is an HTTP/1.0 response; use the
“-version” flag (introduced in 11.2.0) to explicitly set the response
to HTTP/1.0 or HTTP/1.1. The HTTP status code is determined by the
supplied parameter. Unless you add the “noserver” option, a header of
the form “Server: BIG-IP” will be inserted to distinguish replies
generated by the BIG-IP from those supplied by remote servers. A
suitable “Content-Length” header is inserted automatically (replacing
any you supply; you cannot force an arbitrary Content-Length header).
A word of warning: when you return a 401 HTTP status code, the BIGIP
will inject a WWW-Authenticate: Basic, Realm=”” according to the RFC.

Syntax¶

HTTP::respond <status code> [-version [1.0|1.1|auto]] [content <content Value>] [noserver] [<Header name> <Header Value>]+

v11.5+
HTTP::respond [-reset] <status code> [-version [1.0|1.1|auto]] [content <content Value>] [noserver] [<Header name> <Header Value>]+

HTTP::respond <status code> [-version [1.0|1.1|auto] ] [content <content Value>] [noserver] [<Header name> <Header Value>]+¶

Generates a response to the client as if it came from the server, with the supplied content and header values.

HTTP::respond [-reset] <status code> [-version [1.0|1.1|auto] ] [content <content Value>] [noserver] [<Header name> <Header Value>]+¶

Generates a response to the client as if it came from the server, with the supplied content and header values and resets serverside connection instead of sinking the data.

Note: The noserver flag was added in 9.4.2. It suppresses the insertion of the ‘Server: BigIP’ header. The noserver flag must be included after the content (if any).

Note: The -version flag was added in 11.2.0. It must immediately follow the status code and precede the content (if any) and any other flags.

Note: An ‘auto’ option was added for the ‘-version’ flag in 11.4.0.

Examples¶

To send a redirect with a cookie set.

when HTTP_REQUEST {
    set ckname "app"
    set ckvalue "893"
    set cookie [format "%s=%s; path=/; domain=%s" $ckname $ckvalue ".domain.org"]
    HTTP::respond 302 Location "http://www.domain.org" "Set-Cookie" $cookie
}

Or you can generate an apology page from within the iRule. The curly braces prevent variable expansion and should eliminate the need to escape meta-characters within the response content.

when HTTP_REQUEST {
   HTTP::respond 200 content {
      <html>
         <head>
            <title>Apology Page</title>
         </head>
         <body>
            We are sorry, but the site you are looking for is temporarily out of service<br>
            If you feel you have reached this page in error, please try again.
         </body>
      </html>
   }
}

Here is an example which rewrites a redirect with the original cookies from the HTTP response of the server:

when HTTP_RESPONSE {
   if { [HTTP::is_redirect] } {
      foreach aCookieName [HTTP::cookie names] {
         set currentCookie "$aCookieName=[HTTP::cookie value  $aCookieName]"
         set cookies "$cookies\r\nSet-Cookie: $currentCookie"
      }
      HTTP::respond 200 content "<HTML><HEAD><TITLE>Forbidden Redirect From Remote Server</TITLE></HEAD>\
<BODY>The server is trying to redirect the client to an external site, but it is forbidden</BODY></HTML>" Set-Cookie $cookies
   }
}

Another example with multiple cookies, but without excessive empty cookie - returns original cookies to the client:

when HTTP_REQUEST {
   set cookies ""
   foreach next_cookie [HTTP::cookie names] {
      set cookies "$cookies\"Set-Cookie\" \"$next_cookie=[HTTP::cookie value $next_cookie]\" "
   }
   log local0. "Sending back $cookies"
   eval HTTP::respond 200 "$cookies"
}

An example of a plain redirect - equivalent to using HTTP::redirect, but with the Server BigIP header suppressed. In this example we’re redirecting our http:// request to the https:// version.

when HTTP_REQUEST {
   HTTP::respond 302 noserver Location "https://[HTTP::host][HTTP::uri]"
}

Related Information¶

Valid Events:

AUTH_ERROR, AUTH_FAILURE, AUTH_RESULT, AUTH_SUCCESS, AUTH_WANTCREDENTIAL, CACHE_RESPONSE, HTTP_REQUEST, HTTP_REQUEST_DATA, HTTP_REQUEST_SEND, HTTP_RESPONSE, HTTP_RESPONSE_DATA, NAME_RESOLVED

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code:

Block requests by reverse DNS record - Performs a reverse DNS lookup to validate client IP
Block Referral Requests - This iRule will scan referral requests for images and insert a canned image for requests not coming from a allowed host.
Client Cert Request by URI with OCSP Checking - Request a client SSL certificate by URI and validate it using OCSP
Client Auth Using HTML Forms - This iRule illustrates how to use HTML Forms for client authentication.
Client Auth Using HTTP Cookie - This iRule illustrates how to use HTTP Cookies for client based authentcation.
Client Certificate Request by URI with OCSP Checking (v10.1 - v10.2.x) - Request a client SSL certificate by URI and validate it using OCSP for v10.1 - 10.2.x
Command Performance - This iRule will compare switch. if. matchclass. and class commands and generate performance graphs.
Convert 404s to Blank 200s - An iRule to convert an HTTP 404 response to a blank 200 response. HTTP 404…
Current Pool Member Status - Another variation of the “Pool_Member_Status_Page_on_a_Virtual_Server” Thi…
detect prior http redirect or respond - Detect a prior HTTP redirect or response to avoid a runtime TCL error
Excessive_404_Blacklist - This iRule will block ALL further site access to source IP addresses that exceed a certain number of HTTP requests to server resources that results in a 404 not found error.
File Not Found Handler - This iRule will handle HTTP 404 (File Not Found) errors returned from pool members and return an embedded customized error page.
Gomez Injection - Auto injection of Gomez Networks Actual XF client side Javascript.
Gomez Injection With Group Id - Auto injection of Gomez Networks Actual XF client side Javascript.
Google Authenticator iRule For Two-Factor Auth With LDAP - This iRule adds two-factor authentication to a virtual server by combining an LDAP account with a Google Authenticator token
Google Authenticator Soft Token Generator - iRule to generate Google Authenticator soft tokens for use with the Google Authenticator iRule
Google reCAPTCHA Challenge iRule - This iRule adds captcha verification to a virtual server.
Heatmaps Part1 - Create a heat map view of your HTTP requests. mapped to the locations around the United States.
Heatmaps Part4 - Create a heat map view of your HTTP requests. mapped to the locations around the World with hard numbers to back up the pretty pictures.
high performance rate limiting - This rule will limit the number of request to a particular vhost and uri to…
HTTP delay and validate clients using javascript cookies when CPU overloaded - If CPU usage high. delay clients and validate they’re real by making sure they can execute javascript.
HTTP method conversion - This is one way that allows you to convert HTTP method from GET to POST or …
HTTP POST redirect preserving POST data - Use Javascript in an iRule to redirect HTTP POST requests to HTTPS
HTTP redirect to HTTPS with pool down detection - I pieced this together from several rules because I couldn’t find a rule th…
HTTP sideband policy checking - iRule for HTTP sideband policy checking
HTTP Request Throttle - iRule to dynamically throttle HTTP request rate by client IP.
Http Response Based On Requested Uri - This iRule sends an HTTP response based on the requested path.
HTTP retry on 404 pre-9.2.0 - Mimic LB::reselect and HTTP::retry for pre-9.2.0 boxes
HTTP To HTTPS Redirect 301 - Redirects all traffic to same hostname. same URI over https by issuing a redirect with status 301 (Moved Permanently).
Insert App Cookies In Http Redirect - This rule intercepts the application response and sends an HTTP redirect to…
Link Tracking - This iRule will store the number of times links on your application are viewed.
LinkTracking2 - This iRule will store the number of times links on your application are viewed with optional result filtering.
LinkTracking3 -
LTM sorry page image when no pool members available - Return sorry page with text & images by simply creating an image of the sorry page to return when no pool members are availble to the virtual
LTM Image Hosting - Host Images on LTM in External Class
LTM Maintenance Page - Use the LTM as a webserver for a particular directory. In this case. we return a maintenance page with text and images to return when no pool members are available.
LTM Maintenance Page Lite - Use the LTM as a webserver for as lite version of a maintenance page. In this case. it returns a maintenance page with text to return when the pool members are not available.
LTM Maintenance Window - iRule that uses the STATs profile to manage an LTM maintenance page response during maintenance windows.
Microsoft Branch Cache Hash Offload - Hash Offload for Microsoft BranchCache
Modifying Secure Access Manager v8 session variables with a cookie - In this example. an external server is used to authenticate users before pa…
Monitor_pools_from_external_monitors - This iRule allows external http monitors to query specific poo…
Parse username from HTTP requests - Parse the username from HTTP requests in the basic auth header and POST data
Phishing Prevention - This iRule helps to cut down on Phishing and scraping attempts that might otherwise plague your network.
Pool Member Status Page on a Virtual Server v9 - This iRule will create a dynamic list of all the pools and thier members ad…
Pool status page on a virtual server - The following irule allows clients/users who do not have access to the load…
POST Request Exponential Backoff - Exponential backoff iRule to thwart dictionary attacks
Rate Limit HTTP Requests - Limits HTTP POST requests by user
ratio load balancing using rand function - Use a psuedo random number to set a ratio for any iRule logic. This avoids using a global counter mechanism to track past selections.
Redirect On Weak Encryption - This rule illustrates how to redirect a client to an un-encrypted page with an informational error if the client does not have at least 128 bits of encryption.
Referral Tracker - Create a pie chart of your top referrers
Replace HTTP refresh with HTTP Redirect - Intercepts pages with HTTP REFRESH and re-writes as a proper 302 redirect
Reverse Proxy With Basic SSO - The iRule implements a authenticated HTTPS reverse proxy.
Rewrite HTTP redirect 301 to 302 - Re-writes server-set Permanent Redirects as Temporary Redirects
Rewrite HTTP Redirect Hostname - Rewrites hostname in server-set redirects
Scatter Charting Response Times - This iRule will store response codes. page sizes. and duration and present the data in a scatterchart.
Session Table Control - Control session subtables with an iRules based HTML GUI.
Session Table Export - Export the entries from a Session Sub Table with a simple iRules based HTML form.
Small URL Generator - Create small URLs from long URLs and store them in a subtable
TransparentBotProtection - This Solution will act as a Web Form Application protection layer against malicious entities such as automated bots.
Version 9.x robot and request limiting iRule - This iRule limits robots and what they can do. Furthermore. it restricts re…
Virtual server connection limit with HTTP response - This rule allows administrators to configure a maximum TCP connection limit…
Yubikey 2Factor Authentication with BIG-IP LTM - This iRule provides 2-Factor Authentication with YubiCloud Service

Introduced: BIGIP-9.0.0

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.

HTTP::respond¶

Description¶

Syntax¶

HTTP::respond <status code> [-version [1.0|1.1|auto] ] [content <content Value>] [noserver] [<Header name> <Header Value>]+¶

HTTP::respond [-reset] <status code> [-version [1.0|1.1|auto] ] [content <content Value>] [noserver] [<Header name> <Header Value>]+¶

Examples¶

Related Information¶

HTTP::respond ¶