HTTPS POST Redirect not done

Question

We have an issue with an application (for example, https://abc.com) and in particular with redirects from HTTP to HTTPS .

As of now when there’s an HTTP request for some resource F5 responds with 302 code and HTTPS URL in Location header. Client browser then requests the URL provided in Location header.

That works fine for GET requests, the issue we have is with POST requests. Most browsers treat 302 response code as 303 and request the resource provided in response’s Location header using GET method. Therefore in TMS we face the issue that HTTP POST requests change to HTTPS GET requests after being redirected.

The question is: can we change the behavior of the redirects? Particularly can we change 302 response code to 307. That way the client’s browser shoulnot change the method from POST to GET after being redirected. Can we have an IRULE for it

simon_blakely · Answer

Rather than use HTTP::redirect, use HTTP::respondHTTP::respond 307 noserver Location "https://[HTTP::host][HTTP::uri]"Please note, most modern browsers should behave correctly with a 307 redirect, but it may be problematic for older browsers.

jimmy-old · Answer

Thank you Simon!It worked!!

simon_blakely · Answer

Glad to help.&nbsp;Please remember to upvote or flag useful answers, so that other members of the DevCentral community can benefit.&nbsp;Thanks

Forum Discussion

HTTPS POST Redirect not done

3 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

HTTP POST redirect preserving POST data

HTTP Post Flood mitigation with LTM

HTTP To HTTPS Redirect 301

Post of the Week: HTTP Redirect using Datagroups

HTTP Monitor cURL Basic POST