HTTP Header Rewrite - X-Forwarded-Proto
Hi All,
I have an issue wherein our client has added a new data source, which is traversing a load balancer before it reaches us. The clients Load Balancer is inserting X-Forwarded-Proto: HTTPS to the header. The Virtual Server on our side is also inserting X-Forwarded-Proto: HTTPS, which results in the header looking like this:
X-Forwarded-Proto: https, https
Our web servers are not happy with this and are dropping the traffic with a 403 error.
Client have advised that they cannot fix this on their side, and we need to fix it on our side. I am reluctant to make any changes to working existing traffic, and we need the X-Forwarded-Proto: HTTPS
My plan was to add an iRule to modify the headers to correct the error, but only for the source that's failing, identifying the traffic using the Client IP.
Here is the iRule I was planning to use. Can anyone advise if this approach will work theoretically, and if my iRule looks correct?
when HTTP_REQUEST {
if {![class match [IP::client_addr] equals ip_group]} {
HTTP::header replace "X-Forwarded-Proto" "https"
}
}
Thanks in advance.