HTTP commands
HTTP:header_get_names()
Returns a list of all the headers present in the request or response.
Syntax
HTTP:header_get_names();
Arguments: N/A
Examples
when HTTP_REQUEST {
--use header and value
headers = HTTP:header_get_names()
for k, v in pairs(headers) do
debug("The value of header %s is %s.\n", k, v)
end
--only use the header name
for name in pairs(headers) do
debug("The request/response includes header %s.\n",name)
end
}
FortiADC version: V4.3
Used in events:
HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_get_values(header_name)
Returns a list of value(s) of the HTTP header named <header_name>, with a count for each value. Note that the command returns all the values in the headers as a list if there are multiple headers with the same name.
Syntax
HTTP:header_get_values(header_name);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
Examples
when HTTP_REQUEST {
cookies=HTTP:header_get_values("Cookie")
for k, cnt in pairs(cookies) do
debug("initially include cookie %s cnt %d\n", k, v)
end
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / AUTH_RESULT
HTTP:header_get_value(header_name)
Returns the value of the HTTP header named<header_name>.
Returns false if the HTTP header named <header_name> does not exist. The command operates on the value of the last head if there are multiple headers with the same name.
Syntax
HTTP:header_get_value(header_name);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
Examples
when HTTP_REQUEST {
host = HTTP:header_get_value("Host");
debug("host is %s\n", host);
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_remove(header_name)
Removes all headers named with the name <header_name>.
Syntax
HTTP:header_remove(header_name);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
Examples
when HTTP_REQUEST {
HTTP:header_remove(“Cookie”);
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_remove2(header_name, countid)
Header_get_values() returns a count ID for each item. This count ID can be used in both header_remove2() and header_replace2() to remove and replace a certain header of a given name referenced by the count ID.
Syntax
HTTP:header_remove2(header_name, countid);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
|
Countid |
A integer which specifies the header_name serial number |
Examples
when HTTP_RESPONSE {
cookies=HTTP:header_get_values("Set-Cookie")
for k, v in pairs(cookies) do
debug("include cookie %s cnt %d\n", k, v)
end
if HTTP:header_remove2("Set-Cookie", 1) then
debug("remove 1st cookie\n")
end
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_insert(header_name, value)
Inserts the header <header_name> with value <value> into the end of the HTTP request or response.
Syntax
HTTP:header_insert(header_name, value);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
|
Value |
A string which specifies the value of the header<header_name>. |
Examples
when HTTP_REQUEST {
HTTP:header_insert(“Cookie”, “insert_cookie=server1”)
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_replace(header_name, value)
Replaces the occurrence value of header <header_name> with value <value>.
Syntax
HTTP:header_replace(header_name, value);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
|
Value |
A string which specifies the value of the header<header_name>. |
Examples
when HTTP_REQUEST {
HTTP:header_replace(“Host”, “www.fortinet.com”)
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_replace2(header_name, value, countid)
Header_get_values() returns a count ID for each item. This count ID can be used in both header_remove2() and header_replace2() to remove and replace a certain header of a given name referenced by the count ID.
Syntax
HTTP:header_replace2(header_name, value, countid);
Arguments
| Name | Description |
|---|---|
|
Value |
A string which specifies the value of the header<header_name>. |
|
Header_name |
A string which specifies the header name. |
|
Countid |
A integer which specifies the header_name serial number |
Examples
when HTTP_REQUEST {
cookies=HTTP:header_get_values("Cookie")
for k, v in pairs(cookies) do
debug("include cookie %s cnt %d\n", k, v)
end
if HTTP:header_replace2("Cookie", “new_value”, 1) then
debug("replace 1st cookie\n")
end
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:header_exists(header_name)
Returns true when the header <header_name> exists and false when not exists
Syntax
HTTP:header_exists(header_name);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
Examples
when HTTP_REQUEST {
if HTTP:header_exists(“Cookie”) then
…
end
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / RESPONSE
HTTP:header_count(header_name)
Returns the integer counter of the header <header_name>.
Syntax
HTTP:header_count(header_name);
Arguments
| Name | Description |
|---|---|
|
Header_name |
A string which specifies the header name. |
Examples
when HTTP_REQUEST {
count = HTTP:header_count(“Cookie”);
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:method_get()
Returns the string of the HTTP request method.
Syntax
HTTP:method_get();
Arguments: N/A
Examples
when HTTP_REQUEST {
method = HTTP:method_get();
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / AUTH_RESULT
HTTP:method_set(value)
Sets the HTTP request method to the string <value>.
Syntax
HTTP:method_set(value);
Arguments
| Name | Description |
|---|---|
|
str |
A string which specifies the method. |
Examples
when HTTP_REQUEST {
HTTP:method_set(“POST”)
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST
HTTP:path_get()
Returns the string of the HTTP request path.
Syntax
HTTP:path_get();
Arguments: N/A
Examples
when HTTP_REQUEST {
path = HTTP:path_get();
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / AUTH_RESULT
HTTP:path_set(value)
Sets HTTP request path to the strng <value>.
Syntax
HTTP:path_set(value);
Arguments
| Name | Description |
|---|---|
|
Value |
A string which specifies the path. |
Examples
when HTTP_REQUEST {
HTTP:path_set(“/other.html”);
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST
HTTP:uri_get()
Returns the string of the HTTP request URI.
Syntax
HTTP:uri_get();
Arguments: N/A
Examples
when HTTP_REQUEST {
uri = HTTP:uri_get();
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / AUTH_RESULT
HTTP:uri_set(value)
Sets HTTP request URI to the string <value>.
Syntax
HTTP:uri_set(value);
Arguments
| Name | Description |
|---|---|
|
value |
a string which specifices the uri. |
Examples
when HTTP_REQUEST {
HTTP:uri_set(“/index.html?para=xxxx”);
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST
HTTP:query_get()
Returns the string of the HTTP request query.
Syntax
HTTP:query_get();
Arguments: N/A
Examples
when HTTP_REQUEST {
query = HTTP:query_get();
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / AUTH_RESULT
HTTP:query_set(value)
Sets HTTP request query to the string <value>.
Syntax
HTTP:query_set(value);
Arguments
| Name | Description |
|---|---|
|
value |
A string which specifies the uri. |
Examples
when HTTP_REQUEST {
HTTP:query_set(“query1=value1”);
}
FortiADC version: V4.3
Used in events:
Used in HTTP_REQUEST / AUTH_RESULT
HTTP:redirect(“url”, …)
Redirects an HTTP request or response to the specified URL.
Syntax
HTTP:redirect(“url”, …);
Arguments
| Name | Description |
|---|---|
|
url |
A string which specifies the redirect url. |
Examples
when HTTP_REQUEST {
Host = HTTP:header_get_value("host")
Path = HTTP:path_get()
HTTP:redirect("https://%s%s", Host, Path);
}
FortiADC version: V4.3
Used in events:
HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE
Cannot use in HTTP_DATA_RESPONSE
HTTP:redirect_with_cookie(url, cookie)
Redirects an HTTP request or response to the specified url with cookie.
Support multiple redirect
Syntax
HTTP:redirect_with_cookie(url, cookie);
Arguments
| Name | Description |
|---|---|
|
url |
A string which specifies the redirect url. |
|
cookie |
A string as cookie. |
Examples
HTTP:redirect_with_cookie("www.example.com", "server=nginx")
HTTP:redirect_with_cookie("www.abc.com", "server=nginx")
Note:
: it was finally redirected to www.abc.com with the cookie "server=nginx"
FortiADC version: V4.8
Used in events:
HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE
Can not use in HTTP_DATA_RESPONSE
HTTP:redirect_t(t)
Redirects an HTTP request or response to the URL specified in the table.
Supports multiple redirect, same as HTTP:redirect_with_cookie().
Syntax
HTTP:redirect_t(t);
Arguments
| Name | Description |
|---|---|
|
t |
A table that defines the code, redirect url, and cookie. |
Examples
when HTTP_RESPONSE{
a={} --initialize a table
a["code"]=303;
a["url"]="www.example.com"
a["cookie"]="test:server"
HTTP:redirect_t(a)
debug("redirected\n")
}
Note:
if code not set, default code in http redirect response is 302
if URL is missing in the input table, then a log will be generated!
FortiADC version: V4.8
Used in events:
HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE
Can not use in HTTP_DATA_RESPONSE
HTTP:version_get()
Returns the HTTP version of the request of response.
Syntax
HTTP:version_get();
Arguments: N/A
Examples
when HTTP_REQUEST {
v = HTTP:version_get();
}
FortiADC version: V5.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:version_set(value)
Sets HTTP request or response version to the string <value>
Syntax
HTTP:version_set(value);
Arguments
| Name | Description |
|---|---|
|
value |
A string which specifies the version. |
Examples
when HTTP_REQUEST {
HTTP:version_set(“HTTP2.0”);
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:status_code_get()
Returns the response status code output as string.
Syntax
HTTP:status_code_get();
Arguments: N/A
Examples
when HTTP_RESPONSE {
code = HTTP:status_code_get();
}
FortiADC version: V4.8
Used in events:
Used in HTTP_RESPONSE
HTTP:status_code_set(value)
Sets the HTTP response status code.
Syntax
HTTP:status_code_set(value);
Arguments
| Name | Description |
|---|---|
|
value |
A string which specifies the status code. |
Examples
when HTTP_RESPONSE{
HTTP:status_code_set(“304”);
}
FortiADC version: V4.8
Used in events:
Used in HTTP_RESPONSE
HTTP:code_get()
Returns the response status code, out put as integer.
Syntax
HTTP:code_get();
Arguments: N/A
Examples
when HTTP_REQUEST {
code = HTTP:code_get();
}
FortiADC version: V4.8
Used in events:
Used in HTTP_RESPONSE
HTTP:code_set(integer)
Sets the response status code.
Syntax
HTTP:code_set(integer);
Arguments
| Name | Description |
|---|---|
|
integer A |
Integer which specifies the status code. |
Examples
when HTTP_REQUEST {
HTTP:coe_set(503);
}
FortiADC version: V4.8
Used in events:
Used in HTTP_RESPONSE
HTTP:reason_get()
Returns the response reason.
Syntax
HTTP:reason_get();
Arguments: N/A
Examples
when HTTP_RESPONSE {
reason = HTTP:reason_get();
}
FortiADC version: V4.8
Used in events:
Used in HTTP_RESPONSE
HTTP:reason_set(value)
Sets the response reason.
Syntax
HTTP:reason_set(value);
Arguments
| Name | Description |
|---|---|
|
value |
A string which specifies the response reason. |
Examples
when HTTP_RESPONSE {
HTTP:reason_set(“Not exist !”);
}
FortiADC version: V4.8
Used in events:
Used in HTTP_RESPONSE
HTTP:client_addr()
Returns the client IP address of a connection
for HTTP_REQUEST packet, it's source address
for HTTP_RESPONSE packet, it's destination address
Syntax
HTTP:client_addr();
Arguments: N/A
Examples
when HTTP_REQUEST priority 100 {
cip=HTTP:client_addr()
}
FortiADC version: V4.6
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:local_addr()
For HTTP_REQUEST, return the ip address of the virtual server the client is connected to;
for HTTP_RESPONSE, return the incoming interface ip address of the return packet.
Syntax
HTTP:local_addr();
Arguments: N/A
Examples
when HTTP_REQUEST {
lip = HTTP:local_addr()
}
FortiADC version: V4.6
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:server_addr()
Returns the ip address of the server in HTTP_RESPONSE.
Syntax
HTTP:server_addr();
Arguments: N/A
Examples
when HTTP_RESPONSE {
sip = HTTP:server_addr()
}
FortiADC version: V4.6
Used in events:
Used in HTTP_RESPONSE
HTTP:remote_addr()
Returns the ip address of the host on the far end of the connection
Syntax
HTTP:remote_addr();
Arguments: N/A
Examples
when HTTP_REQUEST {
rip = HTTP:remote_addr()
}
FortiADC version: V4.6
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:client_port()
Returns real client port number in a string format.
Syntax
HTTP:client_port();
Arguments: N/A
Examples
when HTTP_REQUEST {
string1=HTTP:client_port()
string2=HTTP:local_port()
string3=HTTP:remote_port()
debug("result_client_port: %s \n",string1)
debug("result_local_port: %s \n",string2)
debug("result_remote_port: %s \n",string3)
}
when HTTP_RESPONSE {
debug("SERVER_side: \n")
string4=HTTP:server_port()
debug("result_server_port: %s \n",string4)
string5=HTTP:client_port()
string6=HTTP:local_port()
string7=HTTP:remote_port()
debug("result_client_port: %s \n",string5)
debug("result_local_port: %s \n",string6)
debug("result_remote_port: %s \n",string7)
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / HTTP_DATA_REQUEST / HTTP_DATA_RESPONSE
HTTP:local_port()
Returns the local port number in a string format.
In HTTP_REQUEST, local_port is virtual server port.
In HTTP_RESPONSE, local_port is gateway’s port which used to connect
Syntax
HTTP:local_port();
Arguments: N/A
Examples
when HTTP_REQUEST {
string1=HTTP:client_port()
string2=HTTP:local_port()
string3=HTTP:remote_port()
debug("result_client_port: %s \n",string1)
debug("result_local_port: %s \n",string2)
debug("result_remote_port: %s \n",string3)
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / HTTP_DATA_REQUEST / HTTP_DATA_RESPONSE
HTTP:remote_port()
Returns the remote port number in a string format.
In HTTP_REQUEST, remote_port is client port.
In HTTP_RESPONSE, remote_port is real server port.
Syntax
HTTP:remote_port();
Arguments: N/A
Examples
when HTTP_REQUEST {
string1=HTTP:client_port()
string2=HTTP:local_port()
string3=HTTP:remote_port()
debug("result_client_port: %s \n",string1)
debug("result_local_port: %s \n",string2)
debug("result_remote_port: %s \n",string3)
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / HTTP_DATA_REQUEST / HTTP_DATA_RESPONSE
HTTP:server_port()
Returns the server port number in a string format. It’s real server port
Syntax
HTTP:server_port();
Arguments: N/A
Examples
when HTTP_RESPONSE {
debug("SERVER_side: \n")
string4=HTTP:server_port()
debug("result_server_port: %s \n",string4)
string5=HTTP:client_port()
string6=HTTP:local_port()
string7=HTTP:remote_port()
debug("result_client_port: %s \n",string5)
debug("result_local_port: %s \n",string6)
debug("result_remote_port: %s \n",string7)
}
FortiADC version: V4.8
Used in events:
Only used in HTTP_RESPONSE / HTTP_DATA_RESPONSE
HTTP:client_ip_ver()
Returns the client ip version number, can use to get ipv4 or ipv6 version
Syntax
HTTP:client_ip_ver();
Arguments: N/A
Examples
when HTTP_REQUEST {
string=HTTP:client_ip_ver()
debug("\nresult: %s \n",string)
}
when HTTP_RESPONSE{
string=HTTP:client_ip_ver()
debug("\nresult: %s \n",string)
}
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / HTTP_DATA_REQUEST / HTTP_DATA_RESPONSE
HTTP:server_ip_ver()
Returns the server ip version number, can use to get ipv4 or ipv6 version
Syntax
HTTP:server_ip_ver();
Arguments: N/A
Examples
when HTTP_REQUEST {
string=HTTP:server_ip_ver()
debug("\nresult: %s \n",string)
}
FortiADC version: V4.8
Used in events:
Only used in HTTP_RESPONSE / HTTP_DATA_RESPONSE
HTTP:close()
Close an HTTP connection, default using code 503, or you can specify a code.
Can support multiple close call.
Syntax
HTTP:close();
Arguments: N/A
Examples
when HTTP_REQUEST {
Example1:
HTTP:close in script 1
HTTP:close in script 2
ps: it will send the close message to client correctly
Example2:
HTTP:close()
HTTP:redirect_with_cookie("www.example.com","server=nginx")
ps:the client get the redirect message, the close message is overwritten
HTTP:close() --close http connection using code 503
HTTP:close(200) --close http connection using code 200
FortiADC version: V4.6
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:respond(t)
Allows you to return a customized page, send out HTTP response directly from FortiADC.
Syntax
HTTP:respond(t);
Arguments
| Name | Description |
|---|---|
|
t |
A table which will give the response code and content. |
Examples
when HTTP_REQUEST {
tt={}
tt["code"] = 200;
tt["content"] = "XXXXX Test Page XXXXXXX\r\n\r\n";
status = HTTP:respond(tt);
debug("HTTP_respond() status: %s\n", status);
}
FortiADC version: V5.2
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / HTTP_DATA_REQUEST
HTTP:get_session_id()
FortiADC will assign each session an unique id and allow the user to get this unique id through this function.
With this unique id, the user can play with Lua script to capture request headers, store them into a global variable indexed by this unique id and then index a global variable using this unique id to extract its own request header info in the HTTP request event
Syntax
HTTP:get_session_id();
Arguments: N/A
Examples
When RULE_INIT{
Env={}
}
when HTTP_REQUEST{
id=HTTP:get_session_id()
debug("session id %d\n", id);
env[id]=nil
req={}
req["url"]=HTTP:uri_get()
req["method"]=HTTP:method_get()
env[id]=req
}
when HTTP_RESPONSE{
id=1
request=env[id]
if req then
debug("session id %d and url %s\n", id,request["url"]);
debug("session id %d and method %s\n", id,request["method"]);
end
}
Output:
session id 1
session id 1 and url /index.html
session id 1 and method GET
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE / HTTP_DATA_REQUEST / HTTP_DATA_RESPONSE
HTTP:rand_id()
Returns a random string of 32-long in hex format.
Syntax
HTTP:rand_id();
Arguments: N/A
Examples
when HTTP_REQUEST {
id = HTTP:rand_id();
debug(“random id: %s\n”, id)
}
FortiADC version: V4.8
Used in events: ALL
HTTP:set_event(t)
Sets a request or response event enable or disable.
Syntax
HTTP:set_event(t);
Arguments
| Name | Description |
|---|---|
|
t |
A table when to specify enable/disable an event. |
Examples
when HTTP_REQUEST {
t={};
t["event"] = "data_res";
t["operation"] = "disable";
HTTP:set_event(t);
}
Note:
Event can be "req", "res", "data_req", "data_res"
And operation can be "enable" and "disable"
This command will genarate a log if the event or operation is wrong
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST / HTTP_RESPONSE
HTTP:set_auto()
Sets an automatic request or response event.
In http keep-alive mode, by default FortiADC will automatically re-enable both HTTP_REQUEST and HTTP_RESPONSE event processes, for next transaction even if they have been disabled in the current transaction. User can disable/enable this automatic behavior using this facility.
Syntax
HTTP:set_auto(t);
Arguments
| Name | Description |
|---|---|
|
t |
A table which specifies the event and operation. |
Examples
when HTTP_REQUEST {
t={};
t["event"] = "data_req";
t["operation"] = "enable";
HTTP:set_auto(t);
}
Note:
Event can be "req", "res", "data_req", "data_res"
And operation can be "enable" and "disable."
This command will genarate a log if the event or operation is wrong
FortiADC version: V4.8
Used in events:
Used in HTTP_REQUEST or HTTP_RESPONSE