For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Shay_Ben-David1's avatar
Shay_Ben-David1
Icon for Nimbostratus rankNimbostratus
Feb 05, 2008

http secure and nonsecure items on page

Hi everyone, i have two VS's on the bigip one for HTTP and another for HTTPS (same domain), i have an irule on the HTTP VS to redirect all to the HTTPS VS, problem is that my pages contains both secur...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
May 19, 2009
Do you see the STREAM_MATCHED event triggered on the response? If the Content-Type header value contains text, isn't compressed and contains "http://" the "http://" strings should be rewritten to https://. If the response is being compressed you could either disable compression on the server(s) or remove the Accept-Encoding header from the requests to work around this issue. 

 
 when HTTP_REQUEST { 
  
    log local0. "[IP::client_addr]:[TCP::client_port]: New HTTP request to [HTTP::host][HTTP::uri]." 
    HTTP::header remove "Accept-Encoding" 
 }

This assumes you actually want to rewrite the http:// references for these URLs to https://. flex.org doesn't answer requests via SSL on port 443. Requests to https://get.adobe.com/flashplayer/ are redirected to http.

Aaron

Aaron