194 Citrix NetScaler Policy Configuration and Reference Guide
sys.http_callout(authCallout).contains("someText")

If the return type is NUM, the following expression is valid:

sys.http_callout(authCallout).gt(500)

The following example shows the use of SYS.HTTP_CALLOUT to retrieve a

source IP address and insert it in a header of an HTTP request. (Bold is used for

emphasis.)

set policy httpCallout extractSrcIPCallout -ipAddress 10.101.
10.10 -port 80 -returnType text -hostExpr "\"10.101.10.10\""
-urlStemExpr "\"/mysite/index.html\"" -resultExpr 'server.ip.
src'
add rewrite action insertSrcIPAction insert_http_header Name
"sys.http_callout(extractSrcIPCallout)" -bypassSafetyCheck yes
add rewrite policy insertSrcIPPolicy "http.req.
header(\"MyHeader\").exists" insertSrcIPAction
bind rewrite global insertHostHeaderPolicy 100 END -type
req_default

The following example shows the use of SYS.HTTP_CALLOUT to retrieve

notification regarding whether a client IP address is blocked from a server and

configure a “You are banned” message in the Responder. (Bold is used for

emphasis.)

add policy httpCallout blockedCalloutPolicy
set policy httpCallout blockedCalloutPolicy -returnType text
-ipAddress 10.100.10.10 -port 80 -fullReqExpr '"Get
/cgi-bin/is_ip_blocked?ip=" + client.ip.src + "http/1.1\r\n" +
"Host: my_server\r\n\r\n"' -resultExpr 'http.res.
header("Result")'
add responder action blockedResponderAction respondwith
'"HTTP/1.1 200OK\r\n Content=Length: 17 \r\n\r\nYour IP is
banned"'
add responder policy blockedResponderPolicy "http.req.url.
eq("/") && sys.http.callout(blockedCalloutPolicy).
eq("Blocked") blockedResponderAction
bind responder global blockedResponderPolicy 100 END -type
res_override
Notes on Invoking a Callout

When invoking an HTTP callout in a policy or an action, be sure that the callout

invocation does not trigger additional callouts. For example, a policy should not

invoke an HTTP callout named MyCalloutPL if the policy expression contains

the URL /mycallout.pl. The following is an example: