ISAM HTTP XSL Transformation Rule to Modify request Parameters

I had to write an XSL Stylesheet to modify a request parameter – I had to modify a request parameter in a TFIM SAML request from RelayState to Target, here is what I used changing request text from “something” to “another”:

<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
   <!--
	This is a template stylesheet which should be used as a guide when
	using WebSEAL's HTTP Transformation engine. This sample is relevant to
	a request only.
-->
   <!-- Firstly, strip any space elements -->
   <xsl:strip-space elements="*" />
   <!--
		Perform a match on the root of the document. Output the required
		HTTPRequestChange elements and then process templates.
	-->
   <xsl:template match="/">
      <HTTPRequestChange>
         <xsl:apply-templates />
      </HTTPRequestChange>
   </xsl:template>
   <!--
		Match on the URI. Any URI processing should happen within this
		template.
	-->
   <xsl:template match="//HTTPRequest/RequestLine/URI">
      <xsl:variable name="output">
         <xsl:call-template name="string-replace-all">
            <xsl:with-param name="text" select="node()" />
            <xsl:with-param name="replace" select="'something'" />
            <xsl:with-param name="by" select="'anotherthing'" />
         </xsl:call-template>
      </xsl:variable>
      <URI>
         <xsl:value-of select="$output" />
      </URI>
   </xsl:template>
   <xsl:template match="//HTTPRequest/Scheme">
      <!--  Is the request http or https -->
   </xsl:template>
   <xsl:template name="string-replace-all">
      <xsl:param name="text" />
      <xsl:param name="replace" />
      <xsl:param name="by" />
      <xsl:choose>
         <xsl:when test="contains($text, $replace)">
            <xsl:value-of select="substring-before($text,$replace)" />
            <xsl:value-of select="$by" />
            <xsl:call-template name="string-replace-all">
               <xsl:with-param name="text" select="substring-after($text,$replace)" />
               <xsl:with-param name="replace" select="$replace" />
               <xsl:with-param name="by" select="$by" />
            </xsl:call-template>
         </xsl:when>
         <xsl:otherwise>
            <xsl:value-of select="$text" />
         </xsl:otherwise>
      </xsl:choose>
   </xsl:template>
</xsl:stylesheet>

You can test your XSL HTTP Transformation rule using the same tool I’ve used to Certificate XSLT mapping: http://xslttest.appspot.com/

You can use my sample request as the input:

<?xml version="1.0" encoding="UTF-8"?>
<HTTPRequest>
   <Credential>
      <Attributes />
   </Credential>
   <RequestLine>
      <Method>GET</Method>
      <URI>/snoop/dump.jsp?someparam=something</URI>
      <Version>HTTP/1.1</Version>
   </RequestLine>
   <Scheme>https</Scheme>
   <Headers>
      <Header name="accept">text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</Header>
      <Header name="accept-encoding">gzip, deflate, br</Header>
      <Header name="accept-language">en,en-AU;q=0.5</Header>
      <Header name="connection">keep-alive</Header>
      <Header name="host">192.168.188.90</Header>
      <Header name="user-agent">Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Firefox/45.0</Header>
      <Header name="cache-control">max-age=0</Header>
      <Header name="dnt">1</Header>
   </Headers>
   <Cookies>
      <Cookie name="PD-S-SESSION-ID">1_2_1_m6E7qH-JEvsY+KzrA5Y0FV6+ytubVMFRVqtklCZ52LUgLirM</Cookie>
      <Cookie name="AMWEBJCT!%2Fmga!JSESSIONID">00000tXmknP_KAXDaouCehZcNoJ:024ec1af-2336-4ef8-bb40-7dbebaafa82b</Cookie>
      <Cookie name="PD_STATEFUL_b34e3aba-c971-11e5-9f37-000c297edf67">%2Fmga</Cookie>
      <Cookie name="IV_JCT">%2Fmga</Cookie>
   </Cookies>
</HTTPRequest>


And the output should be:

<?xml version="1.0" encoding="UTF-8"?>
<HTTPRequestChange>
   <URI>/snoop/dump.jsp?someparam=anotherthing</URI>
</HTTPRequestChange>

Apply it to your desired URL using a POP or using the URL matching like shown below:

[http-transformations]

# The following files are currently available for this configuration entry:
# - transform.xml
# - Empty
change = transform.xml

[http-transformations:change]


request-match = request:GET /snoop/dump.jsp*someparam*

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

WordPress.com.

Up ↑

%d bloggers like this: