DaveC_21078
Feb 07, 2011Altostratus
Change path
I have a URL where I need to alter the path, to eliminate the SSL in or w/o caring what comes afterSSL/. I thought it would fairly simple, but I can't get it to work. Thanks.
when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] starts_with "/ssl/" } {
HTTP::uri [string range [HTTP::uri] 4 end] }
}
when HTTP_REQUEST {
if {[string tolower [HTTP::path]] starts_with "/ssl"}{
HTTP::redirect "https://site1.com[string map -nocase {/ssl/ /} [HTTP::uri]]"
}
}
Aaron/Colin - let's say he wanted to remove the string "/ssl" that occurred anywhere within the rule, what would we use then?
You could check for a URI containing "ssl" and then use string map as Dave did.
Dave, if the virtual server is for HTTPS traffic, you'd need to import the server cert/key in a client SSL profile and then add that to the virtual server. This allows LTM to decrypt the SSL and inspect and modify the HTTP.
Aaron
If it's going to show up anywhere in the URI it's a bit more tricky. You'd need to find where that is first, then use the string command to do away with that section, or re-write it as necessary.
Something like:
when HTTP_REQUEST {
set uri [tolower [HTTP::uri]]
if { $uri contains "/ssl/" } {
set index [string first /ssl/ $uri]
set newuri [string replace [HTTP::uri] $index [expr $index + 3]]
HTTP::uri $newuri
}
}
This would look for the first instance of /ssl/ and replace /ssl (chars 0-3 starting at the index) with nothing, effectively removing them from the URI.
Not tested on the LTM, but tested in tclsh for syntax.
Colin
Also, RE: the SSL problem: Make sure the iRule is applied to the SSL virtual as well as the HTTP virtual, and remember that it's only going to work if you're decrypting SSL on your LTM.
Colin