Forum Discussion
Ryan_M
Nimbostratus
Nimbostratushttp::host is not populated
It's my first iRule, and I know the answer's going to make me feel stupid, so please be gentle...
I'm trying to do a simple redirect to https. I created two virtual servers with the same IP, one on 443, one on 80. The VS on 80 has this iRule applied:
when HTTP_REQUEST {
HTTP::redirect https://[HTTP::host][HTTP::uri]
}
However, when I try to access this server, I get this HTTP response:
GET /test.html
HTTP/1.0 302 Found
Location: https:///test.html
Server: BIG-IP
Connection: close
Content-Type: text/html
Content-Length: 0
HTTP::uri is working alright, so why is HTTP::host staying blank? If I replace [HTTP::host] with a static hostname, the redirect works properly.
The web application is seeing a proper HTTP_HOST, so from what I can tell, nothing's getting mangled. The only unusual thing about this we don't have a reverse DNS entry for this system (but that shouldn't matter, right?).
Thanks,
Ryan
3 Replies
hoolioCirrostratus
Hi,
If you send a request 'GET /test.html' to the VIP, you aren't including the Host header, so the redirect will be to https://test.html. If you make a request using 'GET /test.html HTTP/1.0\r\nHost: test.example.com' the HTTP::host command will return test.example.com. I would guess that the web server is assuming a default host value for the request.
You could add a check to the iRule which redirects to the VIP's IP address if no host is specified. Or if you know that clients can be redirected to a single domain, you could hard code it.
Here is an example of the first option:when HTTP_REQUEST { Check if Host header value has a length if {[string length [HTTP::host]]}{ Redirect to the requested host HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] } else { Redirect to VIP's IP address HTTP::redirect https://[IP::local_addr][HTTP::uri] } }
If you wanted to hardcode the domain for redirects when the Host header doesn't have a value, just change [IP::local_addr] to the host you want.
Aaron
Ryan_MWow. If I understand you correctly, then this is a valuable lesson in many ways. I was convinced that http_host was set by the server, not by the client; however, it appears I'm wrong.
I switched the VS back to my original iRule, and the VS, surprisingly, went Green. It appears I've just been impatient with the iRule.
However, I'd rather not redirect the user to a ip address if it's blank... Is there a way to get at the server_name then?
Thanks for the help!
Ryan- hoolioThe host is a value the client should set (optional in HTTP 1.0, required in HTTP 1.1) to indicate which web application on the web server it is making a request to. The idea was to allow servers to support multiple web applications without needing a separate IP address and port per web app. So yes, the client is supposed to tell the server which host it's making the request to. I would guess that you're web server is setting the HTTP_HOST CGI variable to the default HTTP host on the server if the client doesn't specify a host. Most clients (ie, all modern browsers) will specify the fully qualified domain in the address bar for a request in the HTTP host header, so this shouldn't really be an issue in most cases.
There isn't a simple way to determine what the default host of the web server is from an iRule on the BIG-IP. If you're opposed to using the VIP's IP address in the redirect, your next best option would probably be to hard code the host to use in a redirect if the client doesn't specify it in their request.
Aaron
