Forum Discussion

Kevan_50436's avatar
Kevan_50436
Icon for Nimbostratus rankNimbostratus
Apr 21, 2009

Changing the body of a response

We have an application that builds and returns pages containing URLs as part of the response body based on how it was called. For example:     Called as: http://a.b.c.d/something/so...
application delivery
dev
devops
iRules
dennypayne's avatar
dennypayne
Icon for Employee rankEmployee
Apr 21, 2009
Sorry...I misread and thought that these references were 301 or 302 responses, but you're saying that the links are embedded in the payload (HTML or whatever). Fixing that is going to be a bit more complicated if the application isn't aware that it's being accessed by SSL on the front end.

 

 

I know that some applications (Outlook Web Access for example) will correctly handle this if you pass them a header that basically tells the application when you're offloading SSL (see SOL 6087 Click here ). So that may be one option.

 

 

Another option would be to do server-side re-encryption so that the LTM can still do iRules, cookie persist, etc, and the server still gets 443 connections. But this negates the performance gain from offloading SSL on the front end.

 

 

You could also enable a stream profile on the https vip that would capture any reference to http://a.b.c.d/something/ and rewrite it as https://a.b.c.d/something/, but that may not be granular enough (it would do that to any reference in the payload, not just the changed ones). I'm struggling to come up with iRule logic to handle that...anyone else have thoughts on that?

 

 

Denny