Redirection Issues

Question

Hi everyone,
&nbsp;i am facing a problem and unable to solve it. I hope someone will help me solving this issue.&nbsp;
&nbsp;Let me explain the scenario.&nbsp;
&nbsp;In Data Group Members i have two lists say Secure and UnSecure, both of these have the URL patterns. Let's see the contents of these two lists.&nbsp;&nbsp;Secure:
&nbsp;/abc
&nbsp;/x/ghj
&nbsp;httpsecure=y
&nbsp;httpsecure=Y&nbsp;&nbsp;UnSecure:
&nbsp;/abc
&nbsp;/x/ghj
&nbsp;httpsecure=y
&nbsp;httpsecure=Y&nbsp;
&nbsp;In iRules i have two files again named Secure and UnSecure.&nbsp;&nbsp;&nbsp;Secure:
&nbsp;when HTTP_REQUEST {
&nbsp;// Here is an if condition that actually looks if the request(url pattern) is in the UnSecure List. //If it's not, below line executes
&nbsp;    HTTP::redirect https://[HTTP::host][HTTP::uri]
&nbsp;     } 
&nbsp;}&nbsp;&nbsp;UnSecure:
&nbsp;when HTTP_REQUEST {&nbsp;
// Here is an if condition that actually looks if the request(url pattern) is not in the UnSecure List. //If it's not, below line executes&nbsp;
    HTTP::redirect https://[HTTP::host][HTTP::uri]&nbsp;
     } &nbsp;
}&nbsp;&nbsp;
&nbsp;Now, if i land on /x/ghj page, it takes me to the https but as soon as i get back to another page say /zxcv, it keeps me on https. Can anyone kindly help me how can i redirect myself to http once i go to /zxcv from /x/ghj&nbsp;&nbsp;
&nbsp;I am looking for help and hope i will get it.&nbsp;
&nbsp;Regards...&nbsp;&nbsp;

nitass · Answer

not sure if i understand correctly. is it something like this? 
  
 [root@ve1023:Active] config  b virtual bar80 list
virtual bar80 {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules rule80
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config  b class Secure list
class Secure {
   {
      "/abc"
      "/x/ghj"
      "httpsecure=Y"
      "httpsecure=y"
   }
}
[root@ve1023:Active] config  b rule rule80 list
rule rule80 {
   when HTTP_REQUEST {
        if { [class match -- [string tolower [HTTP::uri]] contains Secure] } {
                HTTP::redirect "https://[HTTP::host][HTTP::uri]"
        }
}
}

[root@ve1023:Active] config  b virtual bar443 list
virtual bar443 {
   snat automap
   pool foo
   destination 172.28.19.79:443
   ip protocol 6
   rules rule443
   profiles {
      clientssl {
         clientside
      }
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config  b rule rule443 list
rule rule443 {
   when HTTP_REQUEST {
        if { not [class match -- [string tolower [HTTP::uri]] contains Secure] } {
                HTTP::redirect "http://[HTTP::host][HTTP::uri]"
        }
}
}

[root@ve1023:Active] config  curl -I http://172.28.19.79/x/ghj/something
HTTP/1.0 302 Found
Location: https://172.28.19.79/x/ghj/something
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

[root@ve1023:Active] config  curl -Ik https://172.28.19.79/zxcv/something
HTTP/1.0 302 Found
Location: http://172.28.19.79/zxcv/something
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

Forum Discussion

Redirection Issues

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

issue with irule redirecting with # string

Anchor Link Redirect

Regex issue

(HTTP) Redirection via Arbitrary Host Header

TACACS issue

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS