Forum Discussion

Nimbostratus

Apr 03, 2018

HSTS header in policy is NOT sent when redirecting

We are inserting an HSTS header using a policy (v 12). When a request comes into our virtual server, if the URI is just /, we have an iRule that will redirect the browser to a specific application. F...

application delivery

iRules

Thomas_Schaefer

Nimbostratus

Apr 04, 2018

Originally, not all sites were ready to have the header inserted and as we share profiles, that would not work. Since all sites are now HTTPS, that could work but the question remains why the redirect seems to bypass the policy.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

HSTS header in policy is NOT sent when redirecting

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

In F5 APM, how to include multiple DNS suffix?

Username is not filled in EdgeClient in the Modern customization

Cert Bundle Manager

Question regarding F5 Viprion Configuration Migration to VE.

Why does SSLO not support ACTIVE-ACTIVE mode deployments？

Related Content

iRule to modify a content-security-policy header

Insert header for APM policy

LTM Policy

URI host header redirect failing

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS