I had to write an XSL Stylesheet to modify a request parameter – I had to modify a request parameter in a TFIM SAML request from RelayState to Target, here is what I used changing request text from “something” to “another”:
<?xml version="1.0" encoding="UTF-8"?> <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> <!-- This is a template stylesheet which should be used as a guide when using WebSEAL's HTTP Transformation engine. This sample is relevant to a request only. --> <!-- Firstly, strip any space elements --> <xsl:strip-space elements="*" /> <!-- Perform a match on the root of the document. Output the required HTTPRequestChange elements and then process templates. --> <xsl:template match="/"> <HTTPRequestChange> <xsl:apply-templates /> </HTTPRequestChange> </xsl:template> <!-- Match on the URI. Any URI processing should happen within this template. --> <xsl:template match="//HTTPRequest/RequestLine/URI"> <xsl:variable name="output"> <xsl:call-template name="string-replace-all"> <xsl:with-param name="text" select="node()" /> <xsl:with-param name="replace" select="'something'" /> <xsl:with-param name="by" select="'anotherthing'" /> </xsl:call-template> </xsl:variable> <URI> <xsl:value-of select="$output" /> </URI> </xsl:template> <xsl:template match="//HTTPRequest/Scheme"> <!-- Is the request http or https --> </xsl:template> <xsl:template name="string-replace-all"> <xsl:param name="text" /> <xsl:param name="replace" /> <xsl:param name="by" /> <xsl:choose> <xsl:when test="contains($text, $replace)"> <xsl:value-of select="substring-before($text,$replace)" /> <xsl:value-of select="$by" /> <xsl:call-template name="string-replace-all"> <xsl:with-param name="text" select="substring-after($text,$replace)" /> <xsl:with-param name="replace" select="$replace" /> <xsl:with-param name="by" select="$by" /> </xsl:call-template> </xsl:when> <xsl:otherwise> <xsl:value-of select="$text" /> </xsl:otherwise> </xsl:choose> </xsl:template> </xsl:stylesheet>
You can test your XSL HTTP Transformation rule using the same tool I’ve used to Certificate XSLT mapping: http://xslttest.appspot.com/
You can use my sample request as the input:
<?xml version="1.0" encoding="UTF-8"?> <HTTPRequest> <Credential> <Attributes /> </Credential> <RequestLine> <Method>GET</Method> <URI>/snoop/dump.jsp?someparam=something</URI> <Version>HTTP/1.1</Version> </RequestLine> <Scheme>https</Scheme> <Headers> <Header name="accept">text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</Header> <Header name="accept-encoding">gzip, deflate, br</Header> <Header name="accept-language">en,en-AU;q=0.5</Header> <Header name="connection">keep-alive</Header> <Header name="host">192.168.188.90</Header> <Header name="user-agent">Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Firefox/45.0</Header> <Header name="cache-control">max-age=0</Header> <Header name="dnt">1</Header> </Headers> <Cookies> <Cookie name="PD-S-SESSION-ID">1_2_1_m6E7qH-JEvsY+KzrA5Y0FV6+ytubVMFRVqtklCZ52LUgLirM</Cookie> <Cookie name="AMWEBJCT!%2Fmga!JSESSIONID">00000tXmknP_KAXDaouCehZcNoJ:024ec1af-2336-4ef8-bb40-7dbebaafa82b</Cookie> <Cookie name="PD_STATEFUL_b34e3aba-c971-11e5-9f37-000c297edf67">%2Fmga</Cookie> <Cookie name="IV_JCT">%2Fmga</Cookie> </Cookies> </HTTPRequest>
And the output should be:
<?xml version="1.0" encoding="UTF-8"?> <HTTPRequestChange> <URI>/snoop/dump.jsp?someparam=anotherthing</URI> </HTTPRequestChange>
Apply it to your desired URL using a POP or using the URL matching like shown below:
[http-transformations] # The following files are currently available for this configuration entry: # - transform.xml # - Empty change = transform.xml [http-transformations:change] request-match = request:GET /snoop/dump.jsp*someparam*
Leave a Reply