For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Pael_74584's avatar
Pael_74584
Icon for Nimbostratus rankNimbostratus
Mar 29, 2010

iRule to intercept http redirection of server to client and convert to https

We are using Storefront as our webserver and we have an SSL Virtual Server. The webserver redirects the user to http://domain.com/URI1 or http://domain.com/URI2. This would then invalidate the SSL ses...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Mar 29, 2010
Hi Pael,

Sure, you can rewrite HTTP response headers or payloads. If you want to rewrite all redirect locations you can create a custom HTTP profile with Rewrite Redirects enabled. Or if you want to be more selective, you can use an iRule to check the Location header value before rewriting http:// to https://: 

 
  when HTTP_RESPONSE { 
  
     Check if server response is a redirect 
    if { [HTTP::header is_redirect]} { 
  
        Check if path in Location header set to lower case contains /uri1 or /uri2 
       switch -glob [string tolower [URI::path [HTTP::header Location]]] { 
          "/uri1*" - 
          "/uri2*" { 
              Log original and updated values 
             log local0. "Original Location header value: [HTTP::header value Location],\ 
                updated: [string map -nocase "http:// https://" [HTTP::header value Location]]" 
  
              Do the update, replacing http:// with https:// 
             HTTP::header replace Location [string map -nocase "http:// https://" [HTTP::header value Location]] 
          } 
       } 
    } 
 }

Aaron