WorxWeb headers and netscaler policies


#1

Netscaler wizards for XenMobile will setup the following policies, however they are historic and are no longer fully correct. Although they may still function in some cases they may also cause issues due to triggering incorrect traffic actions.

Here is an example of a wizard made netscaler expression.

(REQ.HTTP.HEADER User-Agent CONTAINS Mozilla || REQ.HTTP.HEADER User-Agent CONTAINS com.citrix.browser)

What this means is if the User-Agent header in an HTTP request either contains Mozilla or com.citrix.browser the policy will trigger.

This is not ideal, most modern browsers will send the Mozilla User-Agent header in the HTTP request therefore triggering this policy.

Lets look at an HTTP header sent by Android WorxWeb 10.0.7

GET / HTTP/1.1
Host: google.com
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; VF-895N Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/37.0.0.0 Mobile Safari/537.36 WorxWeb/10.0.7.35
Accept-Encoding: gzip,deflate
Accept-Language: en-GB,en-US;q=0.8
X-Requested-With: com.citrix.browser

As you can see although com.citrix.browser is listed in the header it exists as X-Requested-With, therefore will not trigger the expression.

Ideally if you want to write an expression that will get triggered just by WorxWeb the following will work best.

REQ.HTTP.HEADER User-Agent CONTAINS WorxWeb