Forum Discussion
NimbostratusAllowing mixed content via an iRule?
We are trying to expose an iframe that shows content from a non-https site without getting the mixed content error from all browsers. We are terminating SSL at the F5 for our site. So, if our site is https://www.abc.com and there is an embedded iframe showing content from http://www.def.com in an embedded iframe, we get the security warning. Is there any way to do that using an irule?
7 Replies
What_Lies_Bene1Cirrostratus
I don't think this is possible. They are powerful but iRules can't directly control browser behaviour, which is want you want to do. Can you not use https for that other content? Or somehow serve the content via your domain?
natheCirrocumulus
What about a Stream Profile which you could use to replace http://www.def.com with https://www.def.com?
Would this work?
N
- nathe
Create new Stream Profile, Target - @http://www.def.com@https://www.def.com@
- nathe
apply to VS of course ;-)
Do you also own www.def.com? Just curious - doesn't affect my answer below but might impact someone else's answer.
So have you thought about creating another virtual server at say, www2.abc.com that redirects to an HTTPS virtual and to a pool consists of a single HTTP member: www.def.com? Then have your iframe referece www2.abc.com instead of www.def.com.
Would only take a few minutes to configure and test.
Roman_78919Legally we do own www.def.com but I have no control over that site. I like your suggestion and will try asap.
Jaz_170005hello, I was wondering did you try it? did it work? I am facing the same issue and looking for a solution.-thanks
