For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

WeaverJK's avatar
WeaverJK
Icon for Nimbostratus rankNimbostratus
Aug 19, 2016

How to modify information in "meta http-equiv content" section in (response?) header?

Hi everyone. Thank you for taking time to read this post. I am writing this as a Question as the former thread seems to have dropped off the radar.

Basic issue: when a workstation uses a web browser to go to https://psc.company.com, they are receiving back https://backendnode1.company.com in the web browser URL field. We want this to show as "psc" instead of "backendnode1."

Sounds like a simple case of an iRule. This hasn't worked (yet); tried a few dozen variations.

Reference previous discussion:

https://devcentral.f5.com/questions/assistance-requested-with-https-response-redirect-vmware-platform-services-controller-48157comment33993

What follows is some simple troubleshooting and the results. I would appreciate your help in understanding those results and how to modify them (likely using a specific iRule).

For brevity and clarity, the actual directory structure listed below is being abbreviated as /tmp.

Executed the following command in order to see what was going on under the hood:

 

curl [https://psc.company.com](https://psc.company.com) --anyauth --cookie-jar /tmp/psc_cookies.txt --dump-header /tmp/psc_headerdump.txt --cacert /tmp/ca.crt --output /tmp/pscout.txt --trace /tmp/psc_trace.txt

 

The contents of pscout.txt:

1) Am I correct that it is the HTTP_RESPONSE that includes the information depicted by pscout.txt?

2) The "backendnode1" information is not in the Body of the response. It is my understanding that this means that a STREAM profile will not help. Correct?

3) How can the “meta http-equid content” information be modified using an iRule? Would anyone please provide sample code for this function?

Thank you for any and all input.

John K. Weaver

Note: With help from F5, access policy manager was used to resolve the issue, but the resulting "GUID" in the output is undesirable (instead of https://psc.company.com/websso, the output is something like https://psc.company.com/f5-thisisaverylongstringofgarbledinformation-muchlongerthanthis$$/websso). As such, we are going back to seeking a resolution without the use of APM.

application delivery
http
irule
iRules
LTM
psc
response
vmware

1 Reply

  • Mohamed_Lrhazi's avatar
    Mohamed_Lrhazi
    Icon for Altocumulus rankAltocumulus
    Aug 20, 2016

    1) Am I correct that it is the HTTP_RESPONSE that includes the information depicted by pscout.txt?

     

    Yes.

     

    2) The "backendnode1" information is not in the Body of the response. It is my understanding that this means that a STREAM profile will not help. Correct?

     

    The "backendnode1" information ISin the Body of the response.

     

    "the HTTP_RESPONSE" is "the Body of the response"

     

    Add -i to your curl, to include the response headers, in addition to the response "body".

     

    And yes, a stream profile would be able to modify that html content. https://devcentral.f5.com/wiki/iRules.STREAM__expression.ashx