iRule Magic

Problem:

 

With the introduction of Office 365 ATP, companies are taking advantage of Safe Links which is Microsoft's way of fighting phishing links. They basically add/remove certain items to URLs within emails causing the functionality to break. Here are the details:

 

Safe Link:

 

https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftest.test.com%2Ft%2FBA%2FCkA%2FE2I%2FABqYWA%2FAA%2FMTUxMzV8aHR0cHM6Ly9wcm8ubW9uZXltYXBwcmVzcy5jb20vbS83ODM4MzM-ZW1haWw9Sk9ITiU0MDE0d2VzdGl0Lm9ubWljcm9zb2Z0LmNvbSZhPTQmbz0yNjI0JnM9NDk2MiZ1PTE3NDI5MzYmbD0xNTEzNSZyPU1DMiZ2aWQ9NDJjTGZKJmc9MA.%2FAQ%2FfWN2 &data=01%7C01%7CJOHN%40test.onmicrosoft.com%7C8c301346ecf44931dbab08d5206f5bc9%7C1b2f42ecbe1e4e0592fe04468cdc0aa1%7C0&sdata=npFWNOTpd2MxdHOaq4sycSfnukxdmvsxuuG%2BrRxmz2s%3D&reserved=0

 

Upon clicking on the link, it goes to:

 

http://test.test.com/t/BA/CkA/E2I/ABqYWA/AA/MTUxMzV8aHR0cHM6Ly9wcm8ubW9uZXltYXBwcmVzcy5jb20vbS83ODM4MzM-ZW1haWw9Sk9ITiU0MDE0d2VzdGl0Lm9ubWljcm9zb2Z0LmNvbSZhPTQmbz0yNjI0JnM9NDk2MiZ1PTE3NDI5MzYmbD0xNTEzNSZyPU1DMiZ2aWQ9NDJjTGZKJmc9MA/AQ/fWN2

 

The link should go to:

 

http://test.tes.com/t/BA/CkA/E2I/ABqYWA/AA/MTUxMzV8aHR0cHM6Ly9wcm8ubW9uZXltYXBwcmVzcy5jb20vbS83ODM4MzM-ZW1haWw9Sk9ITiU0MDE0d2VzdGl0Lm9ubWljcm9zb2Z0LmNvbSZhPTQmbz0yNjI0JnM9NDk2MiZ1PTE3NDI5MzYmbD0xNTEzNSZyPU1DMiZ2aWQ9NDJjTGZKJmc9MA./AQ/fWN2

 

Requirements:

 

1. It seems that the 9th position is missing a period and was likely stripped out by Office 365 upon clicking the link so that needs to be added back.
2. Remove the last 8 positions and base64 decode the remaining 8 positions

There are going to be discussion on this internally but I was more curious about adding in the period at the 9th position (from the right) and base64 decode the remaining 8 positions if that makes any sense. Any help is greatly appreciated.