Forum Discussion

ucgwebmaster_95's avatar
ucgwebmaster_95
Icon for Nimbostratus rankNimbostratus
Apr 03, 2009

Popup for secure and non secure pages

I have many websites which have a port 80 VIP and port 443 VIP. There are links on the page which are http and when going to the port 443 VIP. You receive that IE popup with secure and non secure cont...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Apr 06, 2009
Hi ucgwebmaster,

 

 

If the app includes http:// references within https pages, you would need to change the app to not use absolute references to http:// or rewrite the references to https:// to avoid the browser warning about insecure content.

 

 

If you can't fix this within the application, you can use configuration changes and/or an iRule on LTM to do it. First, check where the http:// reference is (response headers and/or response content). You can use a browser plugin like HttpFox for Firefox or Fiddler for IE. If the http:// reference is in the Location header, you can use the Rewrite Redirects field on the HTTP profile to rewrite this from http:// to https://. If the http:// reference is in the response payload you can use a stream profile and STREAM::expression to configure the stream filter. There are a few examples on the STREAM::expression wiki page (Click here). If the string you're replacing is a different length than the replacement string, you'll need to create a custom HTTP profile with response chunking set to rechunk. This gets around a mismatch in content length as chunked responses don't use a content length header.

 

 

Aaron