Manipulation for login page of Server response

Question

Hello,&nbsp;
Requirement : End user should hit my company's portal"https://abc.com/shop/" &amp; f5 should act as reverse proxy &amp; forward the request to third party portal "https://xyz.com/shop/".&nbsp;
Problem : I could replace the host from request &amp; send to the backend server which has been hosted on internet. Server responds with login page which has username, password text boxes &amp; Login button. When end user clicks on login button it gets redirected to third party portal "https://xyz.com/shop/". While analyzing the source code of webpage it was found that under form tag of html page there is action tag which points it to "https://xyz.com/shop/".
I tried stream expression in server response as mentioned below
when HTTP_RESPONSE {&nbsp;
STREAM::disable
STREAM::expression {@action=}&nbsp;
STREAM::enable
log local0. "Stream Expression Replaced"
}
I could see the"Stream Expression Replaced" in LTM logs however when I click on login button, it goes to https://xyz.com/shop instead of https://abc.com/shop.
Even after steam expression applied, I still see action=https://xyz.com/shop in source for server response.
Please suggest how do I intercept server response in order to manipulate action under form tab.&nbsp;
Thanks in advance.&nbsp;

nitass · Answer

did you remove accept-encoding request header?&nbsp;
Since HTTP compression on the server prevents the BIG-IP system from reading the data stream and performing the intended replacement, you may need to configure the HTTP profile to remove the Accept-Encoding header in the request to prevent compression by the server.&nbsp;
sol8115: Overview of the Stream profile&nbsp;
https://support.f5.com/kb/en-us/solutions/public/8000/100/sol8115.html&nbsp;

nitass_89166 · Answer

did you remove accept-encoding request header?&nbsp;
Since HTTP compression on the server prevents the BIG-IP system from reading the data stream and performing the intended replacement, you may need to configure the HTTP profile to remove the Accept-Encoding header in the request to prevent compression by the server.&nbsp;
sol8115: Overview of the Stream profile&nbsp;
https://support.f5.com/kb/en-us/solutions/public/8000/100/sol8115.html&nbsp;

sachin_dixit_13 · Answer

Yes I have HTTP::header remove "Accept-Encoding" command in HTTP_REQUEST event

sachin_dixit_13 · Answer

Yes I have HTTP::header remove "Accept-Encoding" command in HTTP_REQUEST event

nitass · Answer

can you try STREAM_MATCHED to see if it matches?&nbsp;
STREAM_MATCHED&nbsp;
https://devcentral.f5.com/wiki/iRules.STREAM_MATCHED.ashx&nbsp;

Forum Discussion

Manipulation for login page of Server response

5 Replies

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM allow specific url from outside country of geolocation ON

Bot Defense causing a lot of false positives

F5 DNS Logs in JSON Format

APM - Portal access - Issue

How to configure ssh access by key on F5OS

Related Content

F5 NGINX API Gateway: Simplify Response Manipulation

Remove X- Headers From Web Server Response

Introduction of Incident Response

Virtual server connection limit with HTTP response

RADIUS authentication packet manipulation library

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS