PingAccess

Adding rewrite content rules

Add rewrite content rules, which modify text in HTTP response bodies as it is served to the client in PingAccess.

Before you begin

Confirm that you are not using the agent model. Rewrite content rules aren’t available for agent deployments.

About this task

A rewrite content rule uses a subset of the Java regular expression syntax that excludes look-behind constructs, such as \b, and the boundary matcher, \G. If no Java regular expression syntax is used, the rule performs a case-sensitive search and replace.

The most common use case for this rule is to rewrite host names within URLs contained in HTML, JavaScript, or CSS content.

Extensive use of rewrite content rules might have significant performance implications.

This rule supports content that is either chunked or streamed from the target server. When sent to the client, the content is always chunked.

To add a rewrite content rule:

Steps

  1. Click Access and then go to Rules → Rules.

  2. Click Add Rule.

  3. In the Name field, enter a unique name up to 64 characters long.

    Special characters and spaces are allowed.

  4. In the Type list, select Rewrite Content.

  5. To define what type of response data to which the rewrite rule applies, enter one or more Response Content-Types.

    The default values are text/html, text/plain, and application/json. The list is an ordered list.

    Only text-based content types are supported. Text-based content types compressed with gzip, deflate, or compress will decompress prior to rewrite rule processing, however, the content is not re-compressed before sending to the client.

  6. Define one or more sets of Find and Replace Criteria.

    If multiple criteria are specified, each operation is performed against the original content, effectively applying the rule concurrently.

    Changes can affect CSS, Javascript, and other text-based elements served to the client. Be sure to properly craft the regular expression to avoid unintentionally modifying content.

  7. If the protected application does not return a Content-Type header, select Missing Content-Type Allowed.

  8. If you enable Missing Content-Type Allowed, specify the encoding the application returns in the Missing Content-Type Charset field.

    This field could contain UTF-8. A list of valid values is available in the Oracle Java 8 SE Technical Note.

  9. If necessary, increase the size of the buffer used to perform the replace operation by clicking Show Advanced and entering a value in Maximum Buffer Size.

    Replacement values cannot be larger than the buffer size. The minimum buffer size you can specify is 1024 bytes. There is no maximum value.

  10. Click Save.

Rewrite content rule examples

This table provides examples of rewrite content rule use cases and their results.

Example description Original content Content type Find criteria Replacement value Modified text

Rewrite URL portion of a web link

<a href="https://serverx.inside.corp/app/">

text/html

serverx.inside.corp

www.acme.com

<a href="https://www.acme.com/app/">

Case-sensitive text replacement

ACMEcorp

text/html

Ecorp

E Corporation

ACME Corporation

Value masking

{
  "origin": "127.0.0.1, 192.168.1.1"
}

application/json

(127.0.0.1, ).*"

*"

{
  "origin": "127.0.0.1, *"
}

Replacing text inside a specified element using Java regex groups

This text is bold.

text/html

<b>(bold)</b>

not $1

This text is not bold.

Case-insensitive text replacement using a Java regex match flag

HTTP

text/html

(?i)http

FTP

FTP