Forum Discussion
NimbostratusProxypass or Irule to load regular http traffic on a https page....is this even possible
I have a site that I'm using the F5 for SSL offload. After deploying this, the site makes a JSON API call to brightcove to host some video and thumbnails on the site. Since we are now offloading SSL to the F5, the thumbnail images & video are not loading because brightcove does not have there ssl site up working correctly.
Is there a way for me to use the ProxyPass Irule or another Irule to send all requests that originate from https to http just for those images? I know some browsers will present messages about mixed secure/non secure content, but we would like to get the vids up running on the secure site now.
We have used the proxypass rule before.
would it be as simple as make a dataclass with the following: http://localserver/vidpath : http://brightcove/uri_path?
Thanks in advance.
6 Replies
Mohamed_LrhaziAltocumulus
", the site makes a JSON API call to brightcove .... the thumbnail images & video are not loading"
PHP or other code on the app server does those API calls? or JavaScript on the client side?
Do you mean to say that the HTML and/or JavaScript has the wrong URLs? in which case you would be asking about "Stream Profile"
- Kevin_Stewart
Employee
Just to be clear, does the server reach out to get the videos and then present those to the client, or does the server send the client a reference to the video server so that they are accessed directly?
jquinones82_469Can you answer two questions for me? I got some F5 Mods trying to help me.
1) Just to be clear, does the server reach out to get the videos and then present those to the client, or does the server send the client a reference to the video server so that they are accessed directly?
As the user's browser loads the page, the page contains references for the images. The images URL is there in the returned HTML which is generated from json object returned by Brightcove and the HTML page sent to the users browser is generated on our end.
What we are doing is, as we generate that HTML page on the server, we replace the initial part of the URLs for the images with https://www.domain.com/brightcovethumb/
2)", the site makes a JSON API call to brightcove .... the thumbnail images & video are not loading"
PHP or other code on the app server does those API calls? or JavaScript on the client side? Correct in this case its Coldfusion which is server side code.
Do you mean to say that the HTML and/or JavaScript has the wrong URLs? in which case you would be asking about "Stream Profile"
I tried the stream profile and it didn't work.
From the F5 perspective
the users browser will request images from https://www.domain.com/brightcovethumb/*
it needs to intercept these calls and proxy to the brightcove URL http://brightcove.vo.llnwd.net/*
- jquinones82_469
Can you answer two questions for me? I got some F5 Mods trying to help me.
1) Just to be clear, does the server reach out to get the videos and then present those to the client, or does the server send the client a reference to the video server so that they are accessed directly?
As the user's browser loads the page, the page contains references for the images. The images URL is there in the returned HTML which is generated from json object returned by Brightcove and the HTML page sent to the users browser is generated on our end.
What we are doing is, as we generate that HTML page on the server, we replace the initial part of the URLs for the images with https://www.domain.com/brightcovethumb/
2)", the site makes a JSON API call to brightcove .... the thumbnail images & video are not loading"
PHP or other code on the app server does those API calls? or JavaScript on the client side? Correct in this case its Coldfusion which is server side code.
Do you mean to say that the HTML and/or JavaScript has the wrong URLs? in which case you would be asking about "Stream Profile"
I tried the stream profile and it didn't work.
From the F5 perspective
the users browser will request images from https://www.domain.com/brightcovethumb/*
it needs to intercept these calls and proxy to the brightcove URL http://brightcove.vo.llnwd.net/*
- Mohamed_Lrhazi
You might be able to do this: The virtual server that handles https://www.domain.com/brightcovethumb/*, make it use a pool composed of one member: brightcove.vo.llnwd.net
The Virutal will need SNAT enabled. Will also probabaly need an iRule to fix the Host header in the requests to replace www.domain.com with brightcove.vo.llnwd.net
- Kevin_Stewart
Right, so as Mohamed says, something like this:
when HTTP_REQUEST { if { [string tolower [HTTP::uri]] starts_with "/brightcovethumb/" } { HTTP::uri [string map {"/brightcovethumb/" "/"} [HTTP::uri]] HTTP::header replace Host "brightcove.vo.linwd.net" pool brightcove_pool } }You may or may not either need to enable or disable SNAT. You could also, potentially, just change the URI and redirect the user to the real Brightcove server.
