Forum Discussion

Nimbostratus

Feb 07, 2012

http redirect changes a post to a get

Hi, I'm using a standard http to https redirect but it is changing a post transcation to a get. Here's my rule. How do I do I leave the Post intact and still enforce SSL? ...

Altostratus

Jan 04, 2013

I don't know the details of your situation, but it would seem that redirecting a POST to from HTTP to HTTPS would defeat the purpose of using SSL in the first place. If the user has already submitted the data (POST) it's already travelled out in the open (over port 80) and the data should be considered compromised.

If it is not possible to fix the page you could change the HTML as it travels through the LTM and swap out the URL on the page so the POST uses the secure protocol.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

http redirect changes a post to a get

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

Simple HTTP::redirect iRule results in a reset

HTTP::redirect doesn't work for multiple conditions, URL redirect doesn't work using iRule

http to https redirection

Redirect iRule for http TimeStamp service

IRULE FOR HTTP to HTTPS REDIRECTION FOR ALL TRAFFIC EXPECT SOME URI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS