Forum Discussion

Cirrostratus

May 20, 2014

When is HTTP_RESPONSE not fired?

I have a very boring iRule. when HTTP_RESPONSE { HTTP::header insert Strict-Transport-Security "max-age=31708800" } It works exactly as expected except... For a VS using multi-domain ...

application delivery

BIG-IP Access Policy Manager (APM)

Cirrostratus

May 21, 2014

Thanks Kevin. I suspect that the added complexity in fixing it is not worth it, given this would largely affect users who've never succeeded in completing authentication. Just wanted to make sure it wasn't some other property of the configuration causing it to break.

Although wonder if it could be added to the config in the way the pages are served. Probably time for HSTS to be a checkbox, and ttl, that does the 'right thing' everywhere, rather than a manual bolt on using iRules.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)