Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

exclude HTTP::header value Content-Type] equals "text/xml; charset=utf-8" from SSL redirect

Go to solution
AhmadJ
Altostratus
Altostratus

‎03-Jun-2023 10:52

Hi

we are trying to exclude from force https irule the below

content typeHTTP::header value Content-Type] equals "text/xml; charset=utf-8"

 also we are using stream profile because we applied irule for mixed contents

is there any way to exclude the above content type from force ssl

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Paulius
MVP
MVP
In response to AhmadJ

‎04-Jun-2023 16:06

@AhmadJ I believe the following iRule should fix what you are referring to. I recommend testing this before putting into production or performing the change in off hours in order to minimize possible downtime if by chance the change is incorrect.

when HTTP_REQUEST priority 500 {

    STREAM::disable

}

when HTTP_RESPONSE priority 500 {

    if { ([HTTP::header Content-Type] contains "text/html") && !([HTTP::header Content-Type] == "text/xml; charset=utf-8") } {
        STREAM::expression {@http://@https://@}
        STREAM::enable
    } elseif { ([HTTP::header Content-Type] contains "png") || ([HTTP::header Content-Type] contains "jpeg") || ([HTTP::header Content-Type] contains "application/x-font-woff") || ([HTTP::header Content-Type] contains "pdf") || ([HTTP::header Content-Type] contains "svg") || ([HTTP::header Content-Type] contains "image/svg+xml")} {
        STREAM::disable
    }

}

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
Paulius
MVP
MVP

‎03-Jun-2023 21:46

@AhmadJ Would you be able to provide the existing iRule configuration? Are you doing the force SSL on the F5 side or server side?

0 Kudos

Go to solution
AhmadJ
Altostratus
Altostratus
In response to Paulius

‎04-Jun-2023 03:18

@pauljthis is the irule whicg we use

when HTTP_REQUEST {
STREAM::disable
}
when HTTP_RESPONSE {
if { [HTTP::header Content-Type] contains "text/html" } {
STREAM::expression {@http://@https://@}
STREAM::enable
}
elseif { ([HTTP::header Content-Type] contains "png") or ([HTTP::header Content-Type] contains "jpeg") or ([HTTP::header Content-Type] contains "application/x-font-woff") or ([HTTP::header Content-Type] contains "pdf") or ([HTTP::header Content-Type] contains "svg") or ([HTTP::header Content-Type] contains "image/svg+xml")} {
STREAM::disable
}
}

fforce SSL hapening on F5

0 Kudos

Go to solution
Paulius
MVP
MVP
In response to AhmadJ

‎04-Jun-2023 16:06

@AhmadJ I believe the following iRule should fix what you are referring to. I recommend testing this before putting into production or performing the change in off hours in order to minimize possible downtime if by chance the change is incorrect.

when HTTP_REQUEST priority 500 {

    STREAM::disable

}

when HTTP_RESPONSE priority 500 {

    if { ([HTTP::header Content-Type] contains "text/html") && !([HTTP::header Content-Type] == "text/xml; charset=utf-8") } {
        STREAM::expression {@http://@https://@}
        STREAM::enable
    } elseif { ([HTTP::header Content-Type] contains "png") || ([HTTP::header Content-Type] contains "jpeg") || ([HTTP::header Content-Type] contains "application/x-font-woff") || ([HTTP::header Content-Type] contains "pdf") || ([HTTP::header Content-Type] contains "svg") || ([HTTP::header Content-Type] contains "image/svg+xml")} {
        STREAM::disable
    }

}
0 Kudos

Go to solution
AhmadJ
Altostratus
Altostratus
In response to Paulius

‎06-Jun-2023 00:55

Thank u Paulius now it is working as excpected

0 Kudos
Copyright © 2023 Khoros, LLC