Users are not able to edit the web page on web server while traffic passes through the Load Balancer

I am not seeing this URL at all in the not working set up. I think there is something which is not allowing to start the Java Script call to server for this.

did you check in http response? as Kevin mentioned, client has to get that url from somewhere.

I am running 9.3.7 software but the document you shared says that the minimum required software 10.0 or higher.

i understand minimum is 10.0 because it is using static global variable (i.e. static::ext_url). you can put the url in content variable (i.e. no need to use static global variable).

v.10 - A new iRules Namespace by Colin Walker

I have got the problem now. Please see the below codes:

Source Code from non working setup: req.open("POST", "http://testthatwasentme.co.uk:80/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.EditModeRegistrationComponent", true);

Source Code from Working Setup:

("POST", "https://thatwasentme.co.uk/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.EditModeRegistrationComponent", true);

I believe that the iRule to redirect these url from http to https is not working for POST quarries.

Well then you might have two options here:

1. Find where this HTTP reference is coming from and troubleshoot the STREAM iRule. Ultimately the STREAM profile should be rewriting all HTTP references in the outbound flow.

2. Your original iRule was doing a simple redirect to the HTTPS VIP, and the HTTP::redirect command issues a 302 status code which will natively force the client to return with a GET request. Try changing the simple redirect code to look something like the following.

    lang="tcl">when HTTP_REQUEST {
       HTTP::respond 307 Location "https://[HTTP::host][HTTP::uri]"
   }
   

A 307 status code is supposed to preserve the original request, but you may find that it doesn't work for all browsers.

Hi Kevin,

I was able to collect following code for the url: This is from the line 269 which is reported as a error on page when i click on the edit button.

function logIn() { location.replace('/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.lightframework.logoffRedirect?firstRequest=false&login=true'); //location.replace("https://thatwasentme.co.uk/irj/portal/login"); }

function talktoServer(){    
    var req = newXMLHttpRequest();
    //register the callback handler function
    var callbackHandler = getReadyStateHandler(req, easyWCMauthor);
    req.onreadystatechange = callbackHandler;
    req.open("POST","https://thatwasentme.co.uk/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.EditModeRegistrationComponent", true);
    req.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
    //get the value from the text input element and send it to server
    req.send

Source from Non Working Site:

function logIn() { location.replace('/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.lightframework.logoffRedirect?firstRequest=false&login=true'); //location.replace("http://testthatwasentme.co.uk:80/irj/portal/login"); }

function talktoServer(){    
    var req = newXMLHttpRequest();
    //register the callback handler function
    var callbackHandler = getReadyStateHandler(req, easyWCMauthor);
    req.onreadystatechange = callbackHandler;
    req.open("POST", "http://testthatwasentme.co.uk:80/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.EditModeRegistrationComponent", true);
    req.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
    //get the value from the text input element and send it to server
    req.send

I think this means that the somewhere in redirection from server listening on port 80 to the server on port 443, POST requests are not handled and are being dropped.

This bit of Ajax is sending a POST request to the HTTP VIP and getting redirected to the HTTPS VIP by the iRule. The redirect itself changes the POST to a GET, which ultimately breaks the request. So now that you've found where the HTTP reference is being set, you can begin to try to exploit one of the two options above:

1. Troubleshoot the STREAM profile so that it properly rewrites this link.

2. Modify your redirect iRule to issue a 307 instead of a 302.

My recommendation is to troubleshoot the STREAM profile. The 307 is not guaranteed to work for all browsers. If you choose option 1, carefully watch the request and response (with a client side capture) of the URL that sends this reference. Does this URL meet the requirements of the HTTP_RESPONSE condition (ie. Content-Type header contains the word "text")?

when HTTP_REQUEST {
    STREAM::disable
    HTTP::header remove "Accept-Encoding"
} 
when HTTP_RESPONSE { 
    if {[HTTP::header value Content-Type] contains "text"}{ 
        STREAM::expression {@http://@https://@} 
        STREAM::enable
    } 
}

I tried this but no luck.

What software is required on LTM for this... I am using 9.3.7

Which did you try? The STREAM profile is available in v9.3.

I tried both. Stream profile and above iRule also.

Hi Kevin,

In the working Setup on Juniper following are the Nitro Rules and I believe its for the same script:

PTC: content contains "http://testthatwasentme.co.uk:80" then replace content term "https://testthatwasentme.co.uk"

PTC: content contains "http://testthatwasentme.co.uk" then replace content term "https://testthatwasentme.co.uk" PTC: url ends_with ".xml" and content

contains "" then append content term " " and continue PTC: url ends_with ".xml" and content contains "EPCM.doNavigate" then replace content term "processURL"

Can you please guide me with and iRule to achieve the same ?

OK Guys,

Now I have the solution which worked and I am gonna post the scenario with the requirement and the solution including the iRule that worked. It will still take some time as currently all the issues are resolved however there are some performance issues which may be resolved post enabling compression and Ram Cache.

Believe me it was amazing experience to work with F5 Engineer who resolved the issue.