Forum Discussion
Nimbostratuswhat F5 product is needed to remove a header from traffic outside our domain?
We currently use F5 for load balancing and use other products from other vendors for our firewall. I am an application developer on our internal procurement application. The issue is that we have shopping sites that link to an external shopping site like apple.com which opens within the frames of the procurement application. Due to some sites utilizing X-Frame options, opening the shopping site is blocked. I would like to strip off the X-Frame header when the traffic from the external site hits our firewall via an IRULE. Is there an F5 product that could be used to do this? Opening in another window breaks the procurement application.
1 Reply
Michael_JenkinsCirrostratus
If your site is using an iframe to load the external link, I don't think there's much you can do, because external sites wouldn't be routed through your F5 appliance. The client's browser would be sending a request directly to the external site, so any headers or response from them would go directly to the client.
The only real way to resolve this would be if you were using something like a web proxy (like what the APM does) that can rewrite urls, and causes all traffic to be proxied through the F5.
