Forum Discussion
Adrian_Turcu_10
Nimbostratus
NimbostratusHelp With HTTP_RESPONSE
Hello Gurus
Could someone help me with a quick rule to replace a header in the response back to the client, please?
My problem is like follows: we have a poxi app (not proxy) and the damn thing is sending a redirection back to the client to localhost instead of maintaining the hostname that requested the initial page and the protocol
I was talking with the developers and they they don't have an estimate for a fix (I'm gonna kill them soon) and reading through the posts I believe my interim solution will be arounf HTTP_RESPONSE actions in the iRules.
How can I use iRules in the response to the client to replace the beging of the redirection (http://127.0.0.1) with the protocol and host that was made for that request (https://acme.com) and maintain the reamining of the redirectied URI (/some/redirected/path/to/the/client.jsp)
Thanks in advance,
Adrian
- Is the host that made the request (https://acme.com) a fixed value or is it something that changes and must be read from the request?
Adrian_Turcu_10That should be read from the request as it can change in protocol, i.e HTTPS vs. HTTP
The SSL is terminated on the LTM when the request comes over HTTPS.
Thanks,
Adrian
David_Homoneywhen HTTP_REQUEST {
set shost [getfield [HTTP::host] ":" 1]
set suri [HTTP::uri]
}
when HTTP_RESPONSE {
if { [HTTP::status] starts_with "3" } {
HTTP::redirect https://$shost$suri
}
}- Adrian_Turcu_10Nice and slick, thanks.
In the HTTP_RESPONSE, do I have visibility to the headers send back by the app? I am interesting the "Location:" header which comes from the app server in this form:
Location: http://127.0.0.1/some/path/to/redirect
I need to replace the content of that header with
Location: ://$shost/some/path/to/redirect
where $shost is picked up in the HTTP_REQUEST and the should be the same that the client originally requested (could be either HTTP of HTTPS, so it is not always HTTPS or HTTP), which I believe that can be pickeup on the HTTP_REQUEST as well.
Thanks,
Adrian - David_HomoneyAdrian,
Is the inbound ports the standard ports for HTTP and HTTPS? - Adrian_Turcu_10They are standard ports for HTTP and HTTPS.
I believe it could be something like this, but I failed to substract from the location header the part that I'm insterested:
when HTTP_REQUEST {
set shost [getfield [HTTP::host] ":" 1]
set smethod [HTTP::HTTP::method]
}
when HTTP_RESPONSE {
if { [HTTP::status] starts_with "3" } {
set rlocation [HTTP::header "Location"]
set ruri
HTTP::header replace Location $smethod://$shost$ruri
}
}
How do I extract the URI form the Location header in the response from the client? - David_Homoneywhen HTTP_REQUEST {
set shost [getfield [HTTP::host] ":" 1]
set sport [getfield [HTTP::host] ":" 2]
set suri [HTTP::uri]
}
when HTTP_RESPONSE {
if { [HTTP::status] starts_with "3" } {
if { $sport equals "443" } {
HTTP::redirect https://$shost$suri
} else {
HTTP::redirect http://$shost$suri
}
}
}
The should due the trick. - Adrian_Turcu_10hmmm... i don't really think so... maybe I did not say it right in the first place. sorry...
I cannot tell what's the requested URI and what's the "desired" redirected URI from the original request.
Here how the dynamics are:
- the client does a request (HTTP or HTTPS) to lets say /index.jsp (i.e http://acme.com/index.jsp or https://acme.com/index.jsp)
- the app behind, makes a decision internaly where to send the client for its next request and sets the Location header as part of the redirect process (is not the LTM who does the redirection)
- the problem is that the app sends http://127.0.0.1/nexthop.jsp (could be http://127.0.0.1/any/other/path/hop.jsp as well) for the Location where the client needs to go next
- I need to intercept this Location header in the response from the app (it is just a portion of the total requests that are wrongly redirected by the app, not all - don't ask me, I haven't designed the app, I just need to provide the workaround until devs are getting their story straight) and change "http://127.0.0.1" with the original method and the original host name that the user requested in the first place, but to maintain the actual URI that is set by the app (as said, that is unknown to the LTM as it is built inside the app logic where the client is redirected after initial request). The final Location header send back to the client should be http://acme.com/nexthop.jsp or https://acme.com/nexthop.jsp or http://acme.com/any/other/path/hop.jsp or... I don't know what's it gonna be in the HTTP_REQUEST (the app logic is not at the LTM level)
Thanks,
Adrian - David_HomoneyOk I understand now. Sorry for the confusion. You are correct in the stripping of the location header and pulling out the URI. Unfortunately this is the way you will have to do it.
- Adrian_Turcu_10That Location header will be in this form (I got a header sniff on the replies)
Location: http://127.0.0.1/nexthop.jsp
If I put
HTTP::redirect http://$shost$clocation
where clocation is gotten from
set clocation [HTTP::header "Location"]
would that not result in a final (?):
http://$shosthttp://127.0.0.1/nexthop.jsp
I'd say something like this would do the trick:
when HTTP_REQUEST {
set shost [getfield [HTTP::host] ":" 1]
set smethod [HTTP::HTTP::method]
}
when HTTP_RESPONSE {
if { [HTTP::status] starts_with "3" } {
set rlocation [HTTP::header "Location"]
set rurl [split $rlocation /]
set ruri /[join [lrange $rurl 3 end] /]
HTTP::header replace Location $smethod://$shost$ruri
}
}
Would you agree? Not sure if my TCL is right to extract the actual string from the location header....
Thanks,
Adrian
