irule for allowing mixed content

Question

One of our websites protected by SSL (SSL certificate is installed on our BIG-IP LTM ) contains reference links (pictures, menu bars)to http.  
&nbsp; When someone is hitting the web site using IE8, http gets redirected to https (I have an irule for that) but is getting a warning message "do you want to view only the webpage content that was delivered securely?"  
&nbsp; Is it any way to create an irule to allow mixed content so the browser would not show the warning? 
&nbsp;  
&nbsp; The irule I use for http redirection is: 
&nbsp;  
&nbsp; when HTTP_REQUEST { 
&nbsp;     HTTP::redirect https://[HTTP::host][HTTP::uri] 
&nbsp; } 
&nbsp;  
&nbsp; Thank you all for help 
&nbsp;  
&nbsp; Sorin

the_bhattman · Answer

Hi Sorin, 
&nbsp;     I haven't found any way on an iRule  - more or less I fixed the mixed content that was being displayed OR adjusted my browser not to warn me about mixed content. 
&nbsp;  
&nbsp; CB &nbsp;

sbadea_81872 · Answer

Adjusting the browser was not an option. I have found a solution by using a customized stream profile. Read this solution posted on support web site 
&nbsp; https://support.f5.com/kb/en-us/solutions/public/8000/100/sol8115.html 
&nbsp;  
&nbsp; Thanks, S.

hoolio · Answer

Hi Sorin, 
  
 Make sure to explicitly disable the stream filter if the response type isn't text.  This is something that SOL8115 doesn't show, but should.

when HTTP_RESPONSE { 
    if { [HTTP::header Content-Type] starts_with "text/" }{ 
       STREAM::expression "@abc@123@" 
       STREAM::enable 
    } else { 
       STREAM::disable 
    } 
 }

Also, if the string you're replacing is a different length than the replacement string, you'll need to create a custom HTTP profile with response chunking set to rechunk. This gets around a mismatch in content length as chunked responses don't use a content length header. 
  
 Aaron

jaz_170005 · Answer

Hi,
can you please share our solution. 
I am facing the same situation. main app run son https, within main app there is iFrame which supposed to direct user to another app which runs on http. 
e.g
https://mainapp.domain.com
iframe within main app  is http://subapp.domain.com.&nbsp;
I used iRule to redirect user to subapp:
if https://mainapp.domain.com/subapp --&gt; http://subapp.domain.com.&nbsp;
I get mixed contents error from browser when loading iFrame. if I change browser setting, it load with no issue but that is not an option.&nbsp;
thank you in advance.&nbsp;

Forum Discussion

irule for allowing mixed content

4 Replies

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

APM Access Policy|SSLVPN | SAML auth questionnaires

Unable to install firmware OS and drop at 10%

Two Arm Deployment mode using PBR

libxml2 and CVE-2024-25062

How to Integrate F5 Anti-Virus with Fortisandbox using ICAP

Related Content

iRule to modify a content-security-policy header

Layer 7 Content Routing in F5 XC

DevCentral Content Highlights

IRule to Allow Counries F5 13.0 Software

This DevCentral Content has been Archived or Deleted

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS