Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Handbook

    Home FortiADC 7.4.0 Handbook
    7.4.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.1
    6.0.0
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.7

    Function

    Functions

    FortiADC supports the basic commands. If the user want more functions, the user can implement functions to define more with the basic commands.

    Syntax

    function function_name(parameter)

    end

    Examples: cookie command usage

    FortiADC supports two cookie commands: cookie_list() and cookie(t) with t as a table input

    when HTTP_REQUEST {

    ret=HTTP:cookie_list()

    for k,v in pairs(ret) do

    debug("-----cookie name %s, value %s-----\n", k,v);

    end

    GET value of cookie "test"

    value = get_cookie_value(HTTP, "test") --the return value is either boolean false or its value if exists.

    debug("-----get cookie value return %s-----\n", value);

    GET attribute path of cookie "test", can be used to get other attributes too

    case_flag = 0; -- or 1

    ret = get_cookie_attribute(HTTP, "test", "path", case_flag);--return value is either boolean false or its value if exists

    debug("-----get cookie path return %s-----\n", ret);

    SET value of cookie "test"

    ret = set_cookie_value(HTTP, "test", "newvalue")--return value is boolean

    debug("-----set cookie value return %s-----\n", ret);

    REMOVE a whole cookie

    ret = remove_whole_cookie(HTTP, "test")--return value is boolean

    debug("-----remove cookie return %s-----\n", ret);

    INSERT a new cookie.

    Caution

    You need to make sure the cookie was not first created by the GET command. Otherwise, by design FortiADC shall use SET command to change its value or attributes.

    In HTTP REQUEST, use $Path, $Domain, $Port, $Version; in HTTP RESPONSE, use Path, Domain, Port, Version, etc.

    ret = insert_cookie(HTTP, "test", "abc.d; $Path=/; $Domain=www.example.com, ")--return value is boolean

    debug("-----insert cookie return %s-----\n", ret);

    }

    function get_cookie_value(HTTP, cookiename)

    local t={};

    t["name"]=cookiename

    t["parameter"]="value";

    t["action"]="get"

    return HTTP:cookie(t)

    end

    attrname can be path, domain, expires, secure, maxage, max-age, httponly, version, port.

    case_flag: If you use zero, FortiADC looks for default attributes named Path, Domain, Expires, Secure, Max-Age, HttpOnly, Version, Port. By setting this to 1, you can specify the case sensitive attribute name to look for in t["parameter"] which could be PAth, DOmaIn, MAX-AGE, EXpires, secuRE, HTTPONLy, VerSion, Port, etc.

    function get_cookie_attribute(HTTP, cookiename, attrname, case_flag)

    local t={};

    t["name"]=cookiename

    t["parameter"]=attrname;

    t["case_sensitive"] = case_flag;

    t["action"]="get"

    return HTTP:cookie(t)

    end

    function set_cookie_value(HTTP, cookiename, newvalue)

    local t={};

    t["name"]=cookiename

    t["value"]=newvalue

    t["parameter"]="value";

    t["action"]="set"

    return HTTP:cookie(t)

    end

    function remove_whole_cookie(HTTP, cookiename)

    local t={};

    t["name"]=cookiename

    t["parameter"]="cookie";

    t["action"]="remove"

    return HTTP:cookie(t)

    end

    function insert_cookie(HTTP, cookiename, value)

    local t={};

    t["name"]=cookiename

    t["value"]=value;

    t["parameter"]="cookie";

    t["action"]="insert"

    return HTTP:cookie(t)

    end

    Previous
    Next

    Function

    Functions

    FortiADC supports the basic commands. If the user want more functions, the user can implement functions to define more with the basic commands.

    Syntax

    function function_name(parameter)

    end

    Examples: cookie command usage

    FortiADC supports two cookie commands: cookie_list() and cookie(t) with t as a table input

    when HTTP_REQUEST {

    ret=HTTP:cookie_list()

    for k,v in pairs(ret) do

    debug("-----cookie name %s, value %s-----\n", k,v);

    end

    GET value of cookie "test"

    value = get_cookie_value(HTTP, "test") --the return value is either boolean false or its value if exists.

    debug("-----get cookie value return %s-----\n", value);

    GET attribute path of cookie "test", can be used to get other attributes too

    case_flag = 0; -- or 1

    ret = get_cookie_attribute(HTTP, "test", "path", case_flag);--return value is either boolean false or its value if exists

    debug("-----get cookie path return %s-----\n", ret);

    SET value of cookie "test"

    ret = set_cookie_value(HTTP, "test", "newvalue")--return value is boolean

    debug("-----set cookie value return %s-----\n", ret);

    REMOVE a whole cookie

    ret = remove_whole_cookie(HTTP, "test")--return value is boolean

    debug("-----remove cookie return %s-----\n", ret);

    INSERT a new cookie.

    Caution

    You need to make sure the cookie was not first created by the GET command. Otherwise, by design FortiADC shall use SET command to change its value or attributes.

    In HTTP REQUEST, use $Path, $Domain, $Port, $Version; in HTTP RESPONSE, use Path, Domain, Port, Version, etc.

    ret = insert_cookie(HTTP, "test", "abc.d; $Path=/; $Domain=www.example.com, ")--return value is boolean

    debug("-----insert cookie return %s-----\n", ret);

    }

    function get_cookie_value(HTTP, cookiename)

    local t={};

    t["name"]=cookiename

    t["parameter"]="value";

    t["action"]="get"

    return HTTP:cookie(t)

    end

    attrname can be path, domain, expires, secure, maxage, max-age, httponly, version, port.

    case_flag: If you use zero, FortiADC looks for default attributes named Path, Domain, Expires, Secure, Max-Age, HttpOnly, Version, Port. By setting this to 1, you can specify the case sensitive attribute name to look for in t["parameter"] which could be PAth, DOmaIn, MAX-AGE, EXpires, secuRE, HTTPONLy, VerSion, Port, etc.

    function get_cookie_attribute(HTTP, cookiename, attrname, case_flag)

    local t={};

    t["name"]=cookiename

    t["parameter"]=attrname;

    t["case_sensitive"] = case_flag;

    t["action"]="get"

    return HTTP:cookie(t)

    end

    function set_cookie_value(HTTP, cookiename, newvalue)

    local t={};

    t["name"]=cookiename

    t["value"]=newvalue

    t["parameter"]="value";

    t["action"]="set"

    return HTTP:cookie(t)

    end

    function remove_whole_cookie(HTTP, cookiename)

    local t={};

    t["name"]=cookiename

    t["parameter"]="cookie";

    t["action"]="remove"

    return HTTP:cookie(t)

    end

    function insert_cookie(HTTP, cookiename, value)

    local t={};

    t["name"]=cookiename

    t["value"]=value;

    t["parameter"]="cookie";

    t["action"]="insert"

    return HTTP:cookie(t)

    end

    Previous
    Next