cancel
Showing results for 
Search instead for 
Did you mean: 
Michael_Jenkins
Cirrostratus
Cirrostratus

Problem this snippet solves:

(Maybe I missed it, but) I didn't see a code share for using a STREAM profile to rewrite content from http to https.

This share is just to make it easier to find a simple iRule to replace http:// links in page content to https://. It's taken directly from the STREAM::expression Wiki page.

How to use this snippet:

You'll need to assign a STREAM profile to you virtual server in order for this to work (just create an empty stream profile and assign it).

Code :

# Example which replaces http:// with https:// in response content
# Prevents server compression in responses
when HTTP_REQUEST {

   # Disable the stream filter for all requests
   STREAM::disable

   # LTM does not uncompress response content, so if the server has compression enabled
   # and it cannot be disabled on the server, we can prevent the server from 
   # sending a compressed response by removing the compression offerings from the client
   HTTP::header remove "Accept-Encoding"
}
when HTTP_RESPONSE {

   # Check if response type is text
   if {[HTTP::header value Content-Type] contains "text"}{

      # Replace http:// with https://
      STREAM::expression {@http://@https://@}

      # Enable the stream filter for this response only
      STREAM::enable
   }
}

Tested this on version:

11.5
Comments
Paul_Thom
Nimbostratus
Nimbostratus

When I use this *.png files don't render on the clients. Any idea?

 

Yiğit_Uslu
Cirrus
Cirrus

Hi Paul,

The stream expression is applied to allot compressed mime-types including png. You need to exclude them.

 

 if { [HTTP::header Content-Type] contains "text" } {

 

  STREAM::expression {@http:\/\/@@}

  # enable STREAM

  STREAM::enable

 

 } elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "msword") or ([HTTP::header Content-Type] contains "ms-excel") or ([HTTP::header Content-Type] contains "ms-powerpoint") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "application/x-shockwave-flash") or ([HTTP::header Content-Type] contains "svg")} {

 

   # disable STREAM

   STREAM::disable

 }

 

Paul_Thom
Nimbostratus
Nimbostratus

Thanks, I removed STREAM but that looks like a better option. Appreciate the response, stay safe.

Emil
Altocumulus
Altocumulus

Wow, this is really helpful. I was struggling with a migration of a site behind nginx proxy to f5 and images kept breaking due to mixed http/https responses from the backend server (in nginx there was only 301 redirect and images worked). Big-ip Stream profile and the standard suggestion for irule regarding this http_to_https issue didn't help.

Thanks Yiğit_Uslu

Emil
Altocumulus
Altocumulus

Just wanted to update. My final version to work in our environment is :

 

when HTTP_REQUEST {
    STREAM::disable
}
when HTTP_RESPONSE {
    if { [HTTP::header Content-Type] contains "text" } {
        STREAM::expression {@http://@https://@}
        STREAM::enable
    }
   elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "jpeg") or ([HTTP::header Content-Type] contains "application/x-font-woff") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "svg") or ([HTTP::header Content-Type] contains "image/svg+xml")} {
   STREAM::disable
    }
}

Not sure about the application/x-font-woff content. Probably it is unnecessary and will remove it.

 

Version history
Last update:
‎15-Mar-2016 04:38
Updated by:
Contributors