For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Angelo's avatar
Angelo
Icon for Nimbostratus rankNimbostratus
Aug 08, 2012

rewrite body of web-site

Hi is it possible to write body of a web-site where the code says http i need to change it to https. can anyone assist...
application delivery
dev
devops
iRules

3 Replies

  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Aug 08, 2012
    Hi Angelo,

    It is absolutley possible.

    You can do this using the base LTM Functionality within a Stream Profile or a combination of a blank stream profile and an iRule using the STREAM::expression command.

    Stream Profile

    Local Traffic -> Profiles -> Other -> Stream

    - Parent Profile: stream

    - Source: http

    - Target: https

    Stream Expression

    Go to the location above and create a "blank" stream profile

    - Parent Profile: stream

    - Source: leave.blank

    - Target: leave.blank

    Apply the blank stream profile to the Virtual Server and then apply the iRule example on the STREAM::expression Wiki Page. 

     
 Example which replaces http:// with https:// in response content
 Prevents server compression in responses
when HTTP_REQUEST {

    Disable the stream filter for all requests
   STREAM::disable

    LTM does not uncompress response content, so if the server has compression enabled
    and it cannot be disabled on the server, we can prevent the server from 
    sending a compressed response by removing the compression offerings from the client
   HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {

    Check if response type is text
   if {[HTTP::header value Content-Type] contains "text"}{

       Replace http:// with https://
      STREAM::expression {@http://@https://@}

       Enable the stream filter for this response only
      STREAM::enable
   }
}

    Hope this helps.
  • Angelo's avatar
    Angelo
    Icon for Nimbostratus rankNimbostratus
    Aug 10, 2012
    Thanks micheal it's working.. the only thing is now the requirment has changed again... not the only need one URI changed so how can i rewrite the rule to only convert HTTP://www.test.com to HTTPS://www.test.com
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Aug 10, 2012
    e.g. 

    [root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      stream {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   STREAM::disable
   HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
   if {[HTTP::header value Content-Type] contains "text"}{
      STREAM::expression {@http://www.test.com@https://www.test.com@}
      STREAM::enable
   }
}
}

 response from server

[root@ve10:Active] config  curl http://200.200.200.101/test.html
start of content
hello world
url is http://www.test.com/something
another url is http://www.googe.com/
end of content

 response from bigip
 
[root@ve10:Active] config  curl http://172.28.19.79/test.html
start of content
hello world
url is https://www.test.com/something
another url is http://www.googe.com/
end of content