Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Kevin_Davies_40's avatar
Kevin_Davies_40
Icon for Nacreous rankNacreous
Aug 14, 2011

STREAM *head scratching*

Hello,     I have a VS setup on port 443 applied to external VLAN using builtin SSL profile on clientside only, http profile (rechunk, x-forwarded), empty stream profile, SNAT pool; points to a ...
application delivery
dev
devops
irules
Kevin_Davies_40's avatar
Kevin_Davies_40
Icon for Nacreous rankNacreous
Aug 15, 2011
when HTTP_REQUEST { 
  STREAM::disable 
  HTTP::header remove "Accept-Encoding" 
}

Turns out this bit of iRule above is necessary to make all this work. However the stream profile @http://@https://@ does not. It had to be modified to @http@https@

The following expressions have different results... host = hello

STREAM::expression @http://@https://@ does not work

STREAM::expression @http://hello@https://hello@ does not work

STREAM::expression @http://\@https://\@ does work

STREAM::expression @http://$host@https://$host@ does work

STREAM::expression @http@https@ does work

Can anyone explain to me why certain things work and others do not. I would like to understand the parsing that is going on here.

Regards

Kevin (Jarvil)