Forum Discussion
- nitassEmployeeit is not a silly question but i am sorry i do not understand what the issue is. could you please explain us a little bit more? or can you give us some example?
- Colin_Walker_12Historic F5 AccountYou want to SSL encrypt a response on the LTM before sending it back to the client? Is that correct?
- Roman_80473NimbostratusHi nitass,
- Roman_80473NimbostratusColin,
- hooleylistCirrostratusHi Roman,
- hooleylistCirrostratusHere's an example which uses a stream profile to rewrite the response headers and/or payload to https://:
when HTTP_REQUEST { Save the requested host value set host [string tolower [HTTP::host]] Disable the stream filter by default STREAM::disable } when HTTP_RESPONSE { Check if response type is text and host isn't null if {[HTTP::header value Content-Type] contains "text" and $host ne ""}{ Replace http://$host with https://$host STREAM::expression "@http://$host@https://$host@" Enable the stream filter for this response only STREAM::enable } Rewrite the Location header in redirects to https:// if { [HTTP::is_redirect] && [string tolower [HTTP::header Location]] starts_with "http://$host"} { HTTP::header replace Location [string map -nocase "http://$host https://$host" [HTTP::header Location]] } }
- Roman_80473NimbostratusHi Aaron,
- hooleylistCirrostratusCan you use a plugin like Fiddler2 to trace the session and see where the http:// request is being triggered from? Basically, you'd look for the first bad http:// request and go back from there to see where the http:// link is coming from.
- nitassEmployeeshould we remove Accept-Encoding header in the request?
- hooleylistCirrostratusIf the web app is using compression, then use you should either disable it to use a stream profile to rewrite the response content or remove the Accept-Encoding request header.