For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Miron_du_Plessi's avatar
Miron_du_Plessi
Icon for Nimbostratus rankNimbostratus
Nov 03, 2007

HTTP Redirect based on URI

Hi,     I have a webserver behind our LTM. Access to the webserver is working correctly when users use the full url of     https://remedy.xxx.net/arsys/home     however we are trying...
application delivery
dev
devops
iRules
Miron_du_Plessi's avatar
Miron_du_Plessi
Icon for Nimbostratus rankNimbostratus
Nov 06, 2007
Aaron,

 

 

I found the problem in the rule I submitted. As I had the following when i was

 

 

when HTTP_Request{

 

HTTP::redirect https://[getfield [HTTP::host] "." 1][HTTP::uri]

 

HTTP::redirect "https://remedy.xxx.net/arsys/home"

 

}

 

 

This was not running the 3rd statement possibly because it reads it similar to java (ie only the first statement)

 

 

Anyways that worked well to redirect , however after that the login did not work and the website seemed to be looping the client.

 

 

I have added the Firefox live headers output from the two tests

 

 

Test 1 - Redirect.txt (Login Fails)

 

 

when HTTP_Request{

 

HTTP::redirect "https://remedy.xxx.net/arsys/home"

 

HTTP::redirect https://[getfield [HTTP::host] "." 1][HTTP::uri]

 

}

 

 

Test 2 - NoRedirect.txt (Login Works)

 

 

when HTTP_Request{

 

HTTP::redirect https://[getfield [HTTP::host] "." 1][HTTP::uri]

 

HTTP::redirect "https://remedy.xxx.net/arsys/home"

 

}

 

 

Besides for this problem it looks like it may be beneficial to capture the 302 from the server and replace the http with https. Might just clean up the communication.

 

 

After that I can look at protecting the webserver identity.

 

 

Miron