Forum Discussion
raytoles_75680
Nimbostratus
Dec 03, 2009Header Insert of "http" or "https"
We're going to implement a virtual server to handle HTTP and HTTPS requests. The developers need us to insert the protocol into the header. We're still new to irules and I constantly fear performanc...
hoolio
Cirrostratus
Dec 04, 2009A client wouldn't include a response header in a subsequent request, so the only time that header would exist is if the client injected it. You might actually want to remove any prior instance to ensure a malicious client couldn't forge the header.
If the VIP is defined on port 0, you might also want to drop any non-80 or non-443 traffic. You can also do the check once in CLIENT_ACCEPTED instead of on each HTTP request:
when CLIENT_ACCEPTED {
Check the requested port
switch [TCP::local_port] {
80 {
set proto http
}
443 {
set proto https
}
default {
Drop the request
drop
}
}
}
when HTTP_REQUEST {
Replace the X-Forwarded-Proto header if it exists
If it does not exist, a new instance will be inserted
HTTP::header replace X-Forwarded-Proto $proto
}
Aaron
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects