Forum Discussion
hector_40668
Nimbostratus
NimbostratusF5 replace string from "http" to "https" in jar files
Hi,
I am very new to F5 and I hope you guys here can help me out on this.
Recently we encounter some problems with files that are going thru the F5. It seems like when the client downloads jars files thru the F5, the contents of the jars files seems to replace.
For example: original hector.jar files contains multiple files with the string "http://example.com", when the client download this hector.jar files and view it on their local machine, "http://example.com" will be replace with "https://example.com".
I am really very puzzled as in how come the contents of the jar files will be changed. Is there a settings in the F5 console to stop it from doing so?
Rgds
Hector
5 Replies
hoolioCirrostratus
Hi Hector,
By default LTM won't modify the response HTTP headers or payload. You could potentially enable this response content rewriting with a stream profile and/or iRule. But that wouldn't be enabled by default. If you test directly to the server(s), do you see http:// or https:// links? Can you post an anonymized copy of the virtual server definition using 'b virtual VS_NAME list'?
Aaron
hector_40668Hi Aaron,
Downloading direct from the server does not changes anything and I could still see http:// links in my jar files.
The config is as follows:
virtual virtual_server_weblogic_https {
snat automap
pool pool_UAT_7002
destination 192.xxx.xx.xx:https
ip protocol tcp
rules app_uat
profiles
CA_SSL
WebLogic_Stream
Weblogic_HTTPS
tcp
persist app_cookies
}
Thanks for looking into this.
Rgds
Hector- Chris_Miller
Altostratus
I'd check out that WebLogic_Stream profile and Weblogic_HTTPS profile. - hoolioAs Chris suggested, it's quite likely that the stream profile would be the reason for the change in the application content. You can use an iRule to selectively enable the content rewriting for the stream profile:
http://devcentral.f5.com/wiki/default.aspx/iRules/stream__expression
Aaron - hoolioYes, the stream profile configuration of a source of http:// and a target of https:// dictates that LTM will replace http:// with https:// in all request and response payloads. To avoid this issue, you can selectively enable the stream filter using STREAM::enable/disable in an iRule. The STREAM::expression wiki page has some examples. A safe bet would be to restrict the rewriting to responses only with a response content-type of text:
http://devcentral.f5.com/wiki/default.aspx/iRules/stream__expressionwhen HTTP_REQUEST { Disable the stream filter for all requests STREAM::disable } when HTTP_RESPONSE { Check if response type is text if {[HTTP::header value Content-Type] contains "text"}{ Replace http:// with https:// STREAM::expression "@http://@https://@" Enable the stream filter for this response only STREAM::enable } }
Aaron
