Forum Discussion
hooleylist
Aug 01, 2012Cirrostratus
Hi Chakri,
In order to inspect the HTTP host header value for all browsers, you'd need to decrypt the SSL and parse the HTTP headers.
If you have a controlled population of users and guarantee they use more current browsers, you could potentially do this by reading the TLS server name indicator from the SSL handshake:
http://en.wikipedia.org/wiki/Server_Name_Indication
Here's an example from Joel Moses showing how you can parse the TLS SNI value:
https://devcentral.f5.com/wiki/iRules.TLS-ServerNameIndication.ashx
Aaron