Forum Discussion
escman
Cirrus
CirrusSTREAM profile (HTTP > HTTPS) with host exception
Hello guys,
I do need to add a exception into the default stream irule (HTTP to HTTPS) to bypass the www.w3.org domain:
I got this iRule:
when HTTP_REQUEST {
STREAM::disable
HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {
if {[HTTP::header value Content-Type] contains "text"}{
STREAM::expression {@http:(?!//www\.w3\.org)@https://@}
STREAM::enable
}
}
however.. through this regular expression the virtual server is resetting the connections.. have any ideas how to do it in other way?
Thanks 🙂
Hi Enes,
I done it explict instead use only "http" > "https" (the real domain http://domain.com to https://domain.com) and works fine!
Thank you 🙂
Hi escman,
If you are having this problem when load svg files, there is an article about it.
K04347914: When accessing web application images don't load - SVG image/icon failed to load
https://support.f5.com/csp/article/K04347914
escmanHi Enes,
I done it explict instead use only "http" > "https" (the real domain http://domain.com to https://domain.com) and works fine!
Thank you 🙂
- escman
Hi sir,
I already tried to skip svg files but also there are alot of javascript codes running at page (note that the server is entire HTTP due ssloffload) and, the issue releated with the svg/png objects works fine but some javascript elements just do not occur probaly due stream profile. I dont know if its right to bypass the javascript because its showed as MIME text/html at content response and the first "if" will trigger... I don't know if it's correct, however, its possible to change all "HTTP" references in the application code to null (like change http://domain.com to domain.com), and leave like a hybrid request? and then let the browser interpret the correct protocol.
Hi escman , it looks like Enes_Afsin_Al hasn't had a chance to come back to answer your follow-up, so I'll see if I can find a colleague to jump in to help.
