66 Citrix NetScaler Policy Configuration and Reference Guide
TCP payload expressions are discussed in another chapter. For more
information, see “Advanced Expressions: Parsing HTTP, TCP, and UDP
Data,” on page 113.
• Text in an Secure Sockets Layer (SSL) certificate.
SSL and certificate expressions are discussed in another chapter. For
information on SSL and certificate data, see “Advanced Expressions:
Parsing SSL Certificates,” on page 141 and “Expressions for SSL
Certificate Dates,” on page 101.
Note: Parsing a document body, such as the body of a POST request, can affect
performance. You may want to test the performance impact of policies that
evaluate a document body.
Guidelines for Text ExpressionsFrom a performance standpoint, it typically is best to use protocol-aware
functions in an expression. For example, the following expression makes use of a
protocol-aware function:
HTTP.REQ.URL.QUERY
The performance of the previous expression is typically better than the following
equivalent expression that is based on string parsing:
HTTP.REQ.URL.AFTER_STR("?")
In the first case, the expression looks specifically at the URL query. In the second
case, the expression scans the data for the first occurrence of a question mark.
There is also a performance benefit from structured parsing of text, as in the
following expression:
HTTP.REQ.HEADER("Example").TYPECAST_LIST_T(',').GET(1)
(For more information on typecasting, see “Transforming Text and Numbers into
Different Data Types,” on page 169.) The typecasting expression, which collects
comma-delimited data and structures it into a list, typically would perform better
than the following unstructured equivalent:
HTTP.REQ.HEADER("Example").AFTER_STR(",").BEFORE_STR(",")
Finally, unstructured text expressions typically have better performance than
regular expressions. For example, the following is an unstructured text
expression:
HTTP.REQ.HEADER("Example").AFTER_STR("more")
The previous expression would generally provide better performance than the
following equivalent, which uses a regular expression: