66

Citrix NetScaler Policy Configuration and Reference Guide

TCP payload expressions are discussed in another chapter. For more information, see “Advanced Expressions: Parsing HTTP, TCP, and UDP Data,” on page 113.

Text in an Secure Sockets Layer (SSL) certificate.

SSL and certificate expressions are discussed in another chapter. For information on SSL and certificate data, see “Advanced Expressions: Parsing SSL Certificates,” on page 141 and “Expressions for SSL Certificate Dates,” on page 101.

Note: Parsing a document body, such as the body of a POST request, can affect performance. You may want to test the performance impact of policies that evaluate a document body.

Guidelines for Text Expressions

From a performance standpoint, it typically is best to use protocol-aware functions in an expression. For example, the following expression makes use of a protocol-aware function:

HTTP.REQ.URL.QUERY

The performance of the previous expression is typically better than the following equivalent expression that is based on string parsing:

HTTP.REQ.URL.AFTER_STR("?")

In the first case, the expression looks specifically at the URL query. In the second case, the expression scans the data for the first occurrence of a question mark.

There is also a performance benefit from structured parsing of text, as in the following expression:

HTTP.REQ.HEADER("Example").TYPECAST_LIST_T(',').GET(1)

(For more information on typecasting, see “Transforming Text and Numbers into Different Data Types,” on page 169.) The typecasting expression, which collects comma-delimited data and structures it into a list, typically would perform better than the following unstructured equivalent:

HTTP.REQ.HEADER("Example").AFTER_STR(",").BEFORE_STR(",")

Finally, unstructured text expressions typically have better performance than regular expressions. For example, the following is an unstructured text expression:

HTTP.REQ.HEADER("Example").AFTER_STR("more")

The previous expression would generally provide better performance than the following equivalent, which uses a regular expression:

Page 80
Image 80
Citrix Systems 9.2 manual Guidelines for Text Expressions