Using Variables in HTTP Request Modifications
You can use variables in HTTP request modifications. While modification actions are being executed in the action file, values of HTTP requests, HTTP header fields, and HTTP responses, as well as system information can be queried.
Use the following syntax to use variables in the action file:
%{Variable}
Below are examples of the use of variables:
SetHeader clientProtocol %{SERVER_PROTOCOL}
The header field clientProtocol is set to the value of the variable SERVER_PROTOCOL
SetHeader X-SAP-WEBDISP-AP %{SERVER_ACCESS_POINTS}
The header field X-SAP-WEBDISP-AP is set to the value of the variable SERVER_ACCESS_POINTS
if %{REQUEST_METHOD} !stricmp "GET" [AND]
if %{REQUEST_METHOD} !stricmp "POST"
RegForbiddenURL ^/(.*) -
Only data sent with the GET or POST method is allowed: If the data is not sent with GET or POST, HTTP status code 403 (forbidden) is returned as the response to the HTTP client.
If % (HTTP_HOST) regimatch ^ ldp .*
RegIRewriteUrl ^/ping(.*) /sap/public/icman/ping$1
If the host name (value of variable HTTP_HOST) starts with ldp, the /ping in URLs that start with /ping is replaced with /sap/public/icman/ping.
Supported Variables
The following variables are supported:
Access to Header Fields
Variable name |
HTTP Header Field |
|---|---|
HTTP_USER_AGENT |
<User Agent> of the HTTP request. |
HTTP_REFERER |
<Referer> of the HTTP request. |
HTTP_COOKIE |
<Cookie> of the HTTP request. |
HTTP_FORWARDED |
<Forwarded> of the HTTP request. |
HTTP_HOST |
<Host> of the HTTP request. |
| HTTP_HOST_SHORT | Part of the <HOST>. Contains the short HOST name without the domain. |
| HTTP_HOST_DOMAIN | Part of the <HOST>. Contains the domain of the HTTP HOST header, if available. |
HTTP_CONTENT_LENGTH |
<Content Length> of the HTTP request. |
HTTP_CONTENT_TYPE |
<Content Type> of the HTTP request. |
HTTP_ACCEPT |
<Accept> of the HTTP request. |
HTTP_ACCEPT_CHARSET |
<Accept Charset> of the HTTP request. |
HTTP_ACCEPT_ENCODING |
<Accept Encoding> of the HTTP request. |
HTTP_ACCEPT_LANGUAGE |
<Accept Language> of the HTTP request. |
HTTP_VIA |
<Via> of the HTTP request. |
HEADER:<name> |
Any header field with a <Name> <name> (the name is case-insensitive). |
HTTP_RESPONSE_CONTENT_LENGTH |
<Content Length> of the HTTP request. |
HTTP_RESPONSE_CONTENT_TYPE |
<Content Type> of the HTTP response. |
HTTP_RESPONSE_VIA |
<Via> of the HTTP response. |
RESPONSE_HEADER:<name> |
Any header field of the HTTP response with a <Name> <name> (the name is case-insensitive). |
HTTP_RESPONSE_COOKIE |
<Set cookie> of the HTTP response. |
HTTP_RESPONSE_STATUS |
<Status Code> of the HTTP response. |
Access to Request URL
Variable name |
Attribute of Request, Possible Values |
|---|---|
REQUEST_METHOD |
Method used: GET, POST, PUT, HEAD, ... |
SERVER_PROTOCOL |
Log: HTTP, HTTPS |
PATH |
URL decoded path of the request. |
PATH_TRANSLATED |
Standardized URL decoded path of the request. |
QUERY_STRING |
List of form fields after the '?' |
FORMFIELD:<name> |
Value of form field with <name>. The field name comparison is case insensitive. |
FormField:<name> |
Value of form field with <name>. The field name comparison is case sensitive. |
Standard Request Values
Variable name |
Attribute of Request, Possible Values |
|---|---|
SID |
System ID of the back-end system to which the request is sent. |
SERVER_PORT |
Port number where the request was received. |
SERVER_ADDR |
IP address of the server where the request was received. |
REMOTE_HOST, REMOTE_ADDR |
IP address of the remote host. |
REMOTE_PORT |
Port number of the remote host. |
SERVER_ACCESS_POINTS |
Server accessibility (usually for the header field "X-SAP-WEBDISP-AP"). SERVER_ACCESS_POINTS = http:80,https:8443 |
TARGET_INSTANCE_NAME |
Returns the name of the application server instance to which the request was sent. The variable is used only for responses from an ABAP server. If the variable is used to rewrite requests or used in the ICM, it is empty. If the variable is used for requests to EXTSRV or XSSRV, it contains the internal technical name of the instance used in the SAP Web Dispatcher. |
SSL-Specific Values
These values are available only for an HTTPS connection if the client has also sent an X.509 client certificate:
Variable name |
Attribute of Request, Possible Values |
|---|---|
SSL_CLIENT_CERT |
Base64-coded client certificate. |
SSL_CLIENT_CERT_SUBJECT |
Contains the subject field of the client certificate. |
SSL_CLIENT_CERT_ISSUER |
Contains the issuer field of the client certificate. |
SSL_CLIENT_CERT_CHAIN_0... SSL_CLIENT_CERT_CHAIN_n |
CHAIN_0: This is the first NON root-CA certificate of the CA that the client certificate has signed (also Base64 coded). CHAIN_n: This is the last NON root-CA certificate of the CA that the client certificate has signed (also Base64 coded). |
SSL_CIPHER_USEKEYSIZE |
Number of cipher bits used. |
SSL_CIPHER_SUITE |
Cipher suite used after the SSL (draft-free-ssl-version3-02) and TLS (RFC 2246) specification. |
System Values
Variable name |
Value |
|---|---|
SERVER_SOFTWARE |
Name of application server. |
SERVER_NAME |
Default name of the HTTP server. |
TIME_YEAR |
Current year. |
TIME_MON |
Current month (values from 1 to 12). |
TIME_DAY |
Current day. |
TIME_HOUR |
Current hour (values from 0 to 23). |
TIME_MIN |
Current minute (values from 0 to 59). |
TIME_SEC |
Current second (values from 0 to 59). |
TIME_WDAY |
Current day of the week (values from Monday=0 to 6). |
TIME |
Current time in seconds since 1970. |