Rewrite http:// to https:// in response content

Problem this snippet solves:

(Maybe I missed it, but) I didn't see a code share for using a 

STREAM
profile to rewrite content from http to https.

This share is just to make it easier to find a simple iRule to replace http:// links in page content to https://. It's taken directly from the STREAM::expression Wiki page.

How to use this snippet:

You'll need to assign a STREAM profile to you virtual server in order for this to work (just create an empty stream profile and assign it).

Code :

# Example which replaces http:// with https:// in response content
# Prevents server compression in responses
when HTTP_REQUEST {

   # Disable the stream filter for all requests
   STREAM::disable

   # LTM does not uncompress response content, so if the server has compression enabled
   # and it cannot be disabled on the server, we can prevent the server from 
   # sending a compressed response by removing the compression offerings from the client
   HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {

   # Check if response type is text
   if {[HTTP::header value Content-Type] contains "text"}{

      # Replace http:// with https://
      STREAM::expression {@http://@https://@}

      # Enable the stream filter for this response only
      STREAM::enable
   }
}

Tested this on version:

11.5
Updated Jun 06, 2023
Version 2.0
application delivery
http
http to https
https
iRules
LTM
rewrite
  • Yiğit_Uslu's avatar
    Yiğit_Uslu
    Icon for Cirrus rankCirrus
    Aug 22, 2021

    Hi Paul,

    The stream expression is applied to allot compressed mime-types including png. You need to exclude them.

     

     if { [HTTP::header Content-Type] contains "text" } {

     

      STREAM::expression {@http:\/\/@@}

      # enable STREAM

      STREAM::enable

     

     } elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "msword") or ([HTTP::header Content-Type] contains "ms-excel") or ([HTTP::header Content-Type] contains "ms-powerpoint") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "application/x-shockwave-flash") or ([HTTP::header Content-Type] contains "svg")} {

     

       # disable STREAM

       STREAM::disable

     }

     

  • Emil's avatar
    Emil
    Icon for Altocumulus rankAltocumulus
    Aug 24, 2022

    Wow, this is really helpful. I was struggling with a migration of a site behind nginx proxy to f5 and images kept breaking due to mixed http/https responses from the backend server (in nginx there was only 301 redirect and images worked). Big-ip Stream profile and the standard suggestion for irule regarding this http_to_https issue didn't help.

    Thanks Yiğit_Uslu

  • Emil's avatar
    Emil
    Icon for Altocumulus rankAltocumulus
    Aug 26, 2022

    Just wanted to update. My final version to work in our environment is :

     

    when HTTP_REQUEST {
    STREAM::disable
}
when HTTP_RESPONSE {
    if { [HTTP::header Content-Type] contains "text" } {
        STREAM::expression {@http://@https://@}
        STREAM::enable
    }
   elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "jpeg") or ([HTTP::header Content-Type] contains "application/x-font-woff") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "svg") or ([HTTP::header Content-Type] contains "image/svg+xml")} {
   STREAM::disable
    }
}

    Not sure about the application/x-font-woff content. Probably it is unnecessary and will remove it.

     

  • Paul_Thom's avatar
    Paul_Thom
    Icon for Nimbostratus rankNimbostratus
    May 28, 2021

    When I use this *.png files don't render on the clients. Any idea?

     

  • Paul_Thom's avatar
    Paul_Thom
    Icon for Nimbostratus rankNimbostratus
    Aug 22, 2021

    Thanks, I removed STREAM but that looks like a better option. Appreciate the response, stay safe.