<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hello,</p>
<p>you can get the only the headers from sip message in the
following way:</p>
<p> - compute the length of the sip message without the body (there
are variables for message buffer len and body size, or use the
s.len transformation)<br>
- use substring transformation over $mb to get only its first
part of length size computed at the previous step</p>
<p>If you want to skip the first line and have only pure headers,
then use {line.at,0) transformation over the above result to get
the first line, then compute its length and again substring to
skip it.</p>
<p>For convenience, in the devel master branch I added a new
variable $msg(hdrs) which returns only the headers.</p>
<p>I am also considering to add an iterator to be able to walk
through headers. That is even possible now by using {line.at,pos}
and {s.select,...}, but with a bit more scripting inside the
config file.</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div class="moz-cite-prefix">On 27/06/16 14:10, Colin Morelli wrote:<br>
</div>
<blockquote
cite="mid:CAPtU-UqMqgoXYK1tkfQqqN3KVZ7ffiFK_JToji2Ftx=axTu_rw@mail.gmail.com"
type="cite">
<div dir="ltr">I suppose there's a lot of subjectivity here - and
it greatly depends on your configuration - but at least for my
use case I don't quite agree with that statement. My API is
already the component performing authentication and making
routing decisions anyway, which means Kamailio is going to send
the SIP traffic to wherever it says. Pushing a full list of
headers to that endpoint doesn't compromise security any more
than it already is by allowing the API to decide where that SIP
message goes next. (In other words: my API is controlling SIP
credentials, and if it really wanted access to the value of
another header, it could simply redirect the SIP request to a
server it controls).
<div><br>
</div>
<div>Additionally, this means that if I need to change the
routing decisions that my API makes, I have to redeploy
Kamailio with configuration changes to send the new header
values. This leaks implementation details of my API into a
layer that really doesn't need (or want) to concern itself
with that work.</div>
<div><br>
</div>
<div>Again - I fully understand that everyone's solutions here
are different and this is just how it applies in my particular
scenario. So I'm not intending to argue here, rather just
suggesting that there are some valid use cases for it. </div>
<div><br>
</div>
<div>In any case, thanks for the response! I'm sure I'll be back
with more questions as I continue to work through this.</div>
<div><br>
</div>
<div>Best,</div>
<div>Colin</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Mon, Jun 27, 2016 at 8:00 AM Alex Balashov
<<a moz-do-not-send="true"
href="mailto:abalashov@evaristesys.com">abalashov@evaristesys.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">FWIW, I
think that from a security and software quality perspective,
explicitly defining which headers you want to feed to the API
is the much better approach anyway.<br>
<br>
-- Alex<br>
<br>
--<br>
Principal, Evariste Systems LLC (<a moz-do-not-send="true"
href="http://www.evaristesys.com" rel="noreferrer"
target="_blank">www.evaristesys.com</a>)<br>
<br>
Sent from my Google Nexus.<br>
<br>
<br>
_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users
mailing list<br>
<a moz-do-not-send="true"
href="mailto:sr-users@lists.sip-router.org" target="_blank">sr-users@lists.sip-router.org</a><br>
<a moz-do-not-send="true"
href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users"
rel="noreferrer" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla
<a class="moz-txt-link-freetext" href="http://www.asipto.com">http://www.asipto.com</a> - <a class="moz-txt-link-freetext" href="http://www.kamailio.org">http://www.kamailio.org</a>
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a></pre>
</body>
</html>