irule: http to https for a specific host

I have the following rule but it does not interpret $host variable

 

 

when HTTP_RESPONSE {

 

set host [string tolower [HTTP::host]]

 

 

Check if server response is a redirect

 

if { [HTTP::status] == "302"} {

 

 

Check if path in Location header set to lower case contains /uri1 or /uri2

 

switch -glob [string tolower [URI::host [HTTP::header value Location]]] {

 

$host

 

{

 

Do the update, replacing http:// with https://

 

HTTP::header replace Location [string map -nocase "http:// https://" [HTTP::header value Location]]

 

}

 

}

 

}

 

}

 

 

 

 

If i hardcode the $host variable in the switch statement, it works. Not able to figure out why.

You can capture the protocol in the HTTP::header on the Response and change it.

Try this and let me know if it works for you.

when HTTP_RESPONSE {
if { [ HTTP::is_redirect]  and [URI::protocol [HTTP::header "Location" ]] eq "http" } {
set path [findstr [HTTP::header "Location" ] "//" 2  ]
HTTP::header replace "Location" "https://$path"
}
}

Hi Milan,

 

 

HTTP::host doesn't work in HTTP_RESPONSE. You can save the value in HTTP_REQUEST and then reference the variable. As Michael showed, it would be good to use HTTP::is_redirect to look for all redirect status codes instead of just 302's.

 

 

Aaron

Posted By Michael Yates on 03/17/2011 09:07 AM

You can capture the protocol in the HTTP::header on the Response and change it.

Try this and let me know if it works for you.

 when HTTP_RESPONSE { if { [ HTTP::is_redirect] and [URI::protocol [HTTP::header "Location" ]] eq "http" } { set path [findstr [HTTP::header "Location" ] "//" 2 ] HTTP::header replace "Location" "https://$path" } } 

I really needed this and it works like a charm!

I like to fix such things on the F5, instead of educating application developpers. 😉