Forum Discussion

escman's avatar
escman
Icon for Cirrus rankCirrus
Jun 14, 2023

Looking for help with stream log

Hi everyone,

I have this follow iRule that works fine for stream some http content within https pages.

when HTTP_REQUEST {
    STREAM::disable
    HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
    if { [HTTP::header exists Location] } {
      HTTP::header replace Location [string map {"http://" "https://"} [HTTP::header Location]]
      }
    if { ([HTTP::header Content-Type] contains "text/css") or ([HTTP::header Content-Type] contains "text/json") or ([HTTP::header Content-Type] contains "text/html") or ([HTTP::header Content-Type] contains "text/webviewhtml") or ([HTTP::header Content-Type] contains ".htm") or ([HTTP::header Content-Type] contains ".html") or ([HTTP::header Content-Type] contains ".htt") or ([HTTP::header Content-Type] contains "stm") or ([HTTP::header Content-Type] contains ".xsl")} {
           STREAM::expression [list {@http://www.domain.com@https://www.domain.com@} {@http://domain.com@https://domain.com@}{@http://wwws.domain.com@https://wwws.domain.com@}]
           STREAM::enable
    }
    elseif { [HTTP::header value Content-Type] contains "image/svg+xml"} {
    STREAM::disable
    }
}

For now I need to log the HTTP occurrences that were replaced by https, I done this follow iRule:

when HTTP_REQUEST {
    STREAM::disable
    HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
    if { [HTTP::header exists Location] } {
	if { [HTTP::header Location] contains "http://" } {
	set location_http [HTTP::header Location]
	log local0. "Location with HTTP value found: $location_http"
    HTTP::header replace Location [string map {"http://" "https://"} [HTTP::header Location]]
      }
	}
    if { ([HTTP::header Content-Type] contains "text/css") or ([HTTP::header Content-Type] contains "text/json") or ([HTTP::header Content-Type] contains "text/html") or ([HTTP::header Content-Type] contains "text/webviewhtml") or ([HTTP::header Content-Type] contains ".htm") or ([HTTP::header Content-Type] contains ".html") or ([HTTP::header Content-Type] contains ".htt") or ([HTTP::header Content-Type] contains "stm") or ([HTTP::header Content-Type] contains ".xsl")} {
	    if { [HTTP::payload] contains "http://" } {
		set http_payload [HTTP::payload]
		log local0. "Payload with HTTP value found:: $http_payload" 
		   STREAM::expression [list {@http://www.domain.com@https://www.domain.com@} {@http://domain.com@https://domain.com@}{@http://wwws.domain.com@https://wwws.domain.com@}]
           STREAM::enable
		log local0. "Payload HTTP after streamed: [HTTP::payload]"
    }
}
    elseif { [HTTP::header value Content-Type] contains "image/svg+xml"} {
    STREAM::disable
    }
}

But I understand that maybe this code can be improved, any ideas on what I can change on it?

Thanks!