Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

funduval's avatar
funduval
Icon for Nimbostratus rankNimbostratus
Sep 08, 2022

Simple redirect of host name only, keeping the paths and query params in the redirect the same

Hi I'm kind of surprised I haven't been able to find a simple answer for this. We need to redirect (also see requirements below): https://foo.bar.com/authorize/aaa/bbb/someFile.jsp?response_type=...
application delivery
cloud
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Sep 08, 2022

The following should do the job:

when HTTP_REQUEST {
    if { [HTTP::uri] starts_with "/authorize/" } {
        HTTP::redirect "https://xxx.baz.com[HTTP::uri]"
    }
}

 

[HTTP::uri] captures the entire URI path, ex.

/authorize/aaa/bbb/someFile.jsp?response_type=abc&client_id=def&scope=ghi&redirect_uri=jkl

HTTP::path] captures the URI without the querystring, ex.

/authorize/aaa/bbb/someFile.jsp

 [HTTP::query] captures just the querystring, ex.

response_type=abc&client_id=def&scope=ghi&redirect_uri=jkl