Forum Discussion
NimbostratusHTTPS: Remove www. from hostname
This code appears to work for our HTTP (plain-text sites):
when HTTP_REQUEST {
Check if the host starts with www.
if {([string tolower [HTTP::host]] starts_with "www.")} {
HTTP::header replace Host "[string range [HTTP::host] 4 end]"
}
}It does not work when applied to a HTTPS enabled VIP. Is there something else I need to do to when using HTTPS?
What is needs to happen: Global rule which will look for any string which begins with "www." and remove it. What is expected: www.site1.com becomes site1.com; www.site2.com becomes site2.com
6 Replies
- nitass
Employee
It does not work when applied to a HTTPS enabled VIP. Is there something else I need to do to when using HTTPS?
what does the not-working mean? is connection reset?
by the way, you know HTTP::header does not change display url in browser, don't you?
rkrenzis1) www. is not explicitly removed from the display URL in the browser when the session is HTTPS. 2) HTTP::header replace Host is functional with HTTP, not HTTPS.
nitass_89166Noctilucent
It does not work when applied to a HTTPS enabled VIP. Is there something else I need to do to when using HTTPS?
what does the not-working mean? is connection reset?
by the way, you know HTTP::header does not change display url in browser, don't you?
- rkrenzis1) www. is not explicitly removed from the display URL in the browser when the session is HTTPS. 2) HTTP::header replace Host is functional with HTTP, not HTTPS.
- nitass
www. is not explicitly removed from the display URL in the browser when the session is HTTPS
if you want to change display url, i think you have to use HTTP::redirect rather than HTTP::header.
config [root@ve11a:Active:In Sync] config tmsh list ltm virtual bar ltm virtual bar { destination 172.28.24.10:443 ip-protocol tcp mask 255.255.255.255 pool foo profiles { clientssl { context clientside } http { } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } vs-index 4 } [root@ve11a:Active:In Sync] config tmsh list ltm rule qux ltm rule qux { when HTTP_REQUEST { if {([string tolower [HTTP::host]] starts_with "www.")} { HTTP::redirect "https://[string range [HTTP::host] 4 end][HTTP::uri]" } } } test [root@ve11a:Active:In Sync] config curl -Ik https://www.site1.com/something HTTP/1.0 302 Found Location: https://site1.com/something Server: BigIP Connection: Keep-Alive Content-Length: 0 - Kevin_Stewart
To Nitass' point, the HTTP::header replace command would not necessarily alter the browser URL. It's going to be applied to the ingress flow, so only the server should see it. Of course if the application causes a redirect after the fact, then that's something else entirely. For what it's worth, the HTTP iRule you have above should work for HTTP and HTTPS as long as the virtual server has decrypted access to the request payload. So two questions:
-
Are you offloading SSL at the virtual server, via client SSL profile? If not, then you cannot parse HTTP headers in an iRule.
-
On the HTTP virtual server, given the above iRule code, does the browser URL actually change (removes the "www.")? If so, do you have some other iRule code applied, or does the server issue a redirect to that URL?
-
