Hi, I'm using a standard http to https redirect but it is changing a post transcation to a get. Here's my rule. How do I do I leave the Post intact and still enforce SSL? when HTTP_REQUEST { HTTP::redirect https://[HTTP::host][HTTP::uri] } Thanks in advance. Dave

That's just the way that browsers typically react to redirect responses to their POST requests. I don't think there's any way around it. This question has come up several times before; try searching the forum.

HTTP POST redirect preserving POST data by Nat http://devcentral.f5.com/wiki/iRules.HTTP_POST_redirectNew118.ashx

Nitass, I got pulled into a couple of different projects. Thanks for the link. I don't see how to make this redirect. Am I missing something simple? Thanks, Dave

I don't see how to make this redirect. Am I missing something simple? it is done by javascript in response content.

But it's not redirecting. I just don't see why not.

http redirect changes a post to a get

spark_86682
Historic F5 Account
Feb 07, 2012
That's just the way that browsers typically react to redirect responses to their POST requests. I don't think there's any way around it. This question has come up several times before; try searching the forum.
nitass
Employee
Feb 08, 2012
HTTP POST redirect preserving POST data by Nat

http://devcentral.f5.com/wiki/iRules.HTTP_POST_redirectNew118.ashx
DaveC_53879
Nimbostratus
Feb 21, 2012
Nitass,

I got pulled into a couple of different projects. Thanks for the link. I don't see how to make this redirect. Am I missing something simple?

Thanks, Dave
nitass
Employee
Feb 21, 2012
I don't see how to make this redirect. Am I missing something simple? it is done by javascript in response content.
DaveC_53879
Nimbostratus
Feb 21, 2012
But it's not redirecting. I just don't see why not.
nitass
Employee
Feb 23, 2012
did you see javascript in the first response from bigip?

by the way, have you used http analyzer tool?

HttpFox

https://addons.mozilla.org/en-US/firefox/addon/httpfox/
RiverFish
Altostratus
Dec 28, 2012
So the only way to fix this is to remove my redirect iRule "when HTTP_REQUEST { HTTP::redirect https://[HTTP::host][HTTP::uri] }" and add that big scary iRule that Nitass posted a link to? There is no tcp or http profile setting I can turn on or off?
What_Lies_Bene1
Cirrostratus
Dec 28, 2012
There is no TCP or HTTP profile setting. This isn't an issue with the F5 it's an issue with how browsers respond to redirects. Can you not modify the webpage or application logic that's causing the POST using HTTP to use HTTPS, ultimately that is the root cause of the issue.
Arie
Altostratus
Jan 04, 2013
I don't know the details of your situation, but it would seem that redirecting a POST to from HTTP to HTTPS would defeat the purpose of using SSL in the first place. If the user has already submitted the data (POST) it's already travelled out in the open (over port 80) and the data should be considered compromised.

If it is not possible to fix the page you could change the HTML as it travels through the LTM and swap out the URL on the page so the POST uses the secure protocol.

Forum Discussion

http redirect changes a post to a get

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Http redirection

iRules to redirect traffic https to http as well as changing the URL

Https redirect

Issue changing TLS version in HTTPS monitor

HTTP to HTTPS redirect with URI editing.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS