Forum Discussion
Insert x-forwarded-proto and x-forwarded-port - Is this the correct way to do it?
Hi,
In your irule, you add only one header, X-Forwarded-Proto or X-Forwarded-Port (else if statement).
Evaluate port 443 is not the best way to test if protocol is HTTPS. Evaluate SSL::mode instead.
Try the following irule.
when HTTP_REQUEST {
if { [SSL::mode] == 1 } {
if {!( [HTTP::header "X-Forwarded-Proto"] eq "https") }{
HTTP::header insert X-Forwarded-Proto "https"
}
if { !( [HTTP::header exists "X-Forwarded-Port"]) }{
HTTP::header insert X-Forwarded-Port [TCP::local_port]
}
}
- prvndeshmukh25Mar 10, 2023Nimbostratus
Getting an error about
01070151:3: Rule [/Common/x-Forwarded-Proto] error: /Common/x-Forwarded-Proto:2: error: [undefined procedure: ssl::mode][ssl::mode]
- Mar 10, 2023
Are you decrypting on the way in?
So you have a client ssl profile set? and more importantly the f5 can see the request coming in so it can add the header? To me its trying at add the header but ssl/encryption is in the way.- prvndeshmukh25Mar 10, 2023Nimbostratus
Actaully instead of client ssl, trying iRule configuration as per script given above but getting an error which shared earlier..
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com