on
15-Mar-2016
04:38
- edited on
05-Jun-2023
22:57
by
JimmyPackets
Problem this snippet solves:
(Maybe I missed it, but) I didn't see a code share for using a
STREAM
profile to rewrite content from http to https.
This share is just to make it easier to find a simple iRule to replace http:// links in page content to https://. It's taken directly from the STREAM::expression Wiki page.
How to use this snippet:
You'll need to assign a STREAM profile to you virtual server in order for this to work (just create an empty stream profile and assign it).
Code :
# Example which replaces http:// with https:// in response content # Prevents server compression in responses when HTTP_REQUEST { # Disable the stream filter for all requests STREAM::disable # LTM does not uncompress response content, so if the server has compression enabled # and it cannot be disabled on the server, we can prevent the server from # sending a compressed response by removing the compression offerings from the client HTTP::header remove "Accept-Encoding" } when HTTP_RESPONSE { # Check if response type is text if {[HTTP::header value Content-Type] contains "text"}{ # Replace http:// with https:// STREAM::expression {@http://@https://@} # Enable the stream filter for this response only STREAM::enable } }
Tested this on version:
11.5Hi Paul,
The stream expression is applied to allot compressed mime-types including png. You need to exclude them.
if { [HTTP::header Content-Type] contains "text" } {
STREAM::expression {@http:\/\/@@}
# enable STREAM
STREAM::enable
} elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "msword") or ([HTTP::header Content-Type] contains "ms-excel") or ([HTTP::header Content-Type] contains "ms-powerpoint") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "application/x-shockwave-flash") or ([HTTP::header Content-Type] contains "svg")} {
# disable STREAM
STREAM::disable
}
Wow, this is really helpful. I was struggling with a migration of a site behind nginx proxy to f5 and images kept breaking due to mixed http/https responses from the backend server (in nginx there was only 301 redirect and images worked). Big-ip Stream profile and the standard suggestion for irule regarding this http_to_https issue didn't help.
Thanks Yiğit_Uslu
Just wanted to update. My final version to work in our environment is :
when HTTP_REQUEST {
STREAM::disable
}
when HTTP_RESPONSE {
if { [HTTP::header Content-Type] contains "text" } {
STREAM::expression {@http://@https://@}
STREAM::enable
}
elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "jpeg") or ([HTTP::header Content-Type] contains "application/x-font-woff") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "svg") or ([HTTP::header Content-Type] contains "image/svg+xml")} {
STREAM::disable
}
}
Not sure about the application/x-font-woff content. Probably it is unnecessary and will remove it.