Forum Discussion
Keith_90333
Mar 18, 2016Nimbostratus
Just an follow-up... we did encounter a situation where we did do stream rewrites for replacing HTTP urls for profile pictures with HTTPS ones...
I'm going to add the code we did just as an example even though you solved your issue with correct use of AAMs in SP.
SharePoint-MS_SSL_Profile_Photo_Fix
This iRule is used to replace a non-HTTPS image reference from mysites for
profile pictures with an HTTPS URL. This rule is written to work for both
PROD and QATC without any need to modify it.
To enable logging, update this rule to set static::single_vs_debug from 0 to
1 in the RULE_INIT block below.
@author XXXXX
@since 2013-08-27
when RULE_INIT {
Set this option to 1 to log debug messages (to /var/log/ltm by default)
set static::profile_photo_debug 0
}
when CLIENT_ACCEPTED {
set CLIENT_IP [IP::client_addr]
}
when HTTP_REQUEST {
REQUESTED_URL is used in a logging statement
if {$static::profile_photo_debug}
{
set REQUESTED_URL "Request page: [HTTP::host][HTTP::path] (QS omitted)"
}
set HOST_LOWER [string tolower [HTTP::host]]
my assumption here is that we aren't adding any additional subdomains
if HOST_LOWER is: ms-collab-dev.qatc.MY_TLD then
STR_START will be: ms-collab-dev
set STR_START [lindex [split $HOST_LOWER "."] 0]
disable for all requests
STREAM::disable
}
when HTTP_RESPONSE {
if {[HTTP::header value Content-Type] contains "text"}
{
doing this allows us to not have different copies of this rule for
each environment.
switch -glob $STR_START {
"*collab" { match either 'collab' or 'ms-collab'
set DOMAIN_TO_MATCH "ms-collab.MY_TLD"
}
"*collab-uat" { match either 'collab-uat' or 'ms-collab-uat'
set DOMAIN_TO_MATCH "ms-collab-uat.MY_TLD"
}
"*collab-dev" { match either 'collab-dev' or 'ms-collab-dev'
set DOMAIN_TO_MATCH "ms-collab-dev.qatc.MY_TLD"
}
"*collab-test" { match either 'collab-test' or 'ms-collab-test'
set DOMAIN_TO_MATCH "ms-collab-test.qatc.MY_TLD"
}
}
set MYSITE_HTTP "http://$DOMAIN_TO_MATCH/User%20Photos/Profile%20Pictures/"
set MYSITE_HTTPS "https://$DOMAIN_TO_MATCH/User%20Photos/Profile%20Pictures/"
set MYSITE_HTTP_80 "http://$DOMAIN_TO_MATCH:80/User%20Photos/Profile%20Pictures/"
match and replace
STREAM::expression "@$MYSITE_HTTP_80@$MYSITE_HTTPS@ @$MYSITE_HTTP@$MYSITE_HTTPS@"
enable for this response
STREAM::enable
}
}
when STREAM_MATCHED {
only do logging if we did a replacement
if {$static::profile_photo_debug}
{
log local0. "\[client: $client_ip\] Matched profile photo URL: [STREAM::match]"
log local0. "CLIENT_IP:$CLIENT_IP - STREAM::expression:\"@$MYSITE_HTTP_80@$MYSITE_HTTPS@ @$MYSITE_HTTP@$MYSITE_HTTPS@\" - REQUESTED_URL:$REQUESTED_URL"
}
}