For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

DaZZa's avatar
DaZZa
Icon for Nimbostratus rankNimbostratus
Jun 26, 2017

HTTPS redirection with exceptions

Hi.   I have a web site which is used to by developers to build out corporate product. Because it's used for QA purposes, I want it to be as realistic as possible - but I am putting all the associ...
application delivery
BIG-IP
iRules
CharlesCS's avatar
CharlesCS
Icon for Cirrus rankCirrus
Jun 27, 2017

Presumably you don't care about the query string (if present), so you can simply focus on the path. If there are relatively few exception URIs that aren't being forwarded to HTTPS, you might code something like this:

 

when HTTP_REQUEST {
  switch -glob [string tolower [HTTP::path]] {
    "/foo/" -
    "/bar*" -
    "/some/particularly/long/example/" { return }
    default {
      HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] 
    }
  }
}

If there are a large number of URIs, you might consider creating a data group and using class match instead of the switch command.

 

when HTTP_REQUEST {
  if { [class match [HTTP::path] starts_with exception_URI_list] } {
    return
  }
  HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
}