Citrix Systems Network Router 9.2 User Manual
Chapter 6 Advanced Expressions: Parsing HTTP, TCP, and UDP Data
131
Operations for HTTP, HTML, and XML Encoding and
“Safe” Characters
The following operations work with the encoding of HTML data in a request or
response and XML data in a POST body.
response and XML data in a POST body.
HTTP.RES.STATUS
Returns the response status code
Prefixes That Evaluate HTTP Request or Response Length
Prefix
Description
Operations That Evaluate HTML and XML Encoding
HTML or XML Operation
Description
text.HTML_XML_SAFE
Transforms special characters into XML safe
format, as in the following examples:
format, as in the following examples:
• A left-pointing angle bracket (<) is converted
to <
• A right-pointing angle bracket (>) is converted
to >
• An ampersand (&) is converted to &
This operation safeguards against cross-site
scripting attacks. This is a read-only operation.
This operation safeguards against cross-site
scripting attacks. This is a read-only operation.
After applying the transformation, additional
operators that you specify in the expression are
applied to the selected text. Following is an
example:
operators that you specify in the expression are
applied to the selected text. Following is an
example:
http.req.url.query.html_xml_safe.
contains("myQueryString")
text.HTTP_HEADER_SAFE
Converts all new line ('\n') characters in the input
text to '%0A' to enable the input to be used safely
in HTTP headers.
text to '%0A' to enable the input to be used safely
in HTTP headers.
This operation safeguards against response-
splitting attacks. This is a read-only operation.
splitting attacks. This is a read-only operation.