For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

justin_westover's avatar
justin_westover
Icon for Nimbostratus rankNimbostratus
Aug 03, 2014

Remove port from HTTP header

We setup a SSRS (SQL Server Report server) behind our F5 and we learned quickly that this didn't behave like any normal IIS based site. The first problem we resolved was the redirect the site issues so we had to create a VIP on the F5 for HTTPS and HTTP. We don't use the standard port 80 on the SSRS server so when the SSRS server redirects to HTTP it also places port 10000 into the URL and the client receive this port and it obviously breaks the connection. I used the below iRule to try and correct this issue but with no success. Thoughts? NOTE: I've removed the real URL and replaced it with a generic domain.com.

when HTTP_RESPONSE { HTTP::header remove Accept-Encoding

STREAM::disable only do this for text-based responses

if { [HTTP::header Content-Type] contains "text" } {

establish the stream expression

STREAM::expression {@http://domain.com:10000/Reports@https://domain.com/Reports@} 
     enable stream processing            
    STREAM::enable
}

}

application delivery
devops
iRules

1 Reply

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Aug 04, 2014

    The above will only replace the data in the response payload. Still important, but for a redirect the URI is in the response headers.

    when HTTP_REQUEST {
    HTTP::header remove Accept-Encoding
    STREAM::disable
}
when HTTP_RESPONSE {
    if { [HTTP::header exists Location] } {
        HTTP::header replace Location [string map -nocase {"domain.com:10000" "domain.com"} [HTTP::header Location]]
    }

    if { [HTTP::header Content-Type] contains "text" } {
        STREAM::expression {@domain.com:10000@domain.com@}
        STREAM::enable
    }
}