Forum Discussion
sparky_86686
Nov 19, 2008Nimbostratus
Using "matching" on Rewrite Redirects
In post 13907 Deb mentions that for the Rewrite Redirects functionality in the http profile:
* Matching: Specifies that the system rewrites the scheme to HTTPS in any HTTP redirect responses in which the hostname matches that of the request.
Is this accurate? I see other docs that only mention:
Use "Matching" to rewrite only courtesy redirects intended to append a missing trailing slash to a directory request.
Using this functionality, assuming that Deb's comments are correct, I would think the below test should work?
Background:
I am coming in on an F5 SSL terminated connection with the F5 going back to a http listener on the webserver.
The webserver (Sun) has NSAPI code that does a redirect based on a cookie (since moving SSL to the F5 ALL redirects are going http).
This redirect needs to be changed to https when the connection is https at the F5 and the hostname matches.
GET / HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: TEST=.tI%3EJYrYfb4bhrqub..
HTTP/1.x 302 Moved Temporarily
Server: ""
Date: Wed, 19 Nov 2008 19:52:11 GMT
Content-Type: text/html
Location: http://www.example.com/noauth/servlet/example?redirectPage=/
Content-Encoding: gzip
Transfer-Encoding: chunked
----------------------------------------------------------
http://www.example.com/noauth/servlet/example?redirectPage=/
GET /noauth/servlet/example?redirectPage=/ HTTP/1.1
...
Yet it goes to http.
Any clues?
- hoolioCirrostratusHi there,
when HTTP_RESPONSE { Check if response is a redirect if {[HTTP::is_redirect]}{ Rewrite the location header if it matches a hardcoded host value HTTP::header replace Location [string map -nocase "http://www.example.com https://www.example.com" [HTTP::header value Location]] } }
when HTTP_REQUEST { Save host header in lower case set host [string tolower [HTTP::host]] } when HTTP_RESPONSE { Check if response is a redirect if {[HTTP::is_redirect] and [string tolower [HTTP::header value Location]] starts_with "http://$host"}{ Rewrite the location header if it matches a hardcoded host value HTTP::header replace Location [string map -nocase "http:// https://" [HTTP::header value Location]] } }
- sparky_86686NimbostratusThanks. Used the generic one so I can apply this on different VIPs if needed. Performs well for our amount of traffic.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects