Forum Discussion
iRule HTTP to HTTPS redirect keep port and uri
Hi,
Does anyone knows the correct syntax of an irule to redirect http to https and keeping the port
for example
http://www.example.com:8443 --> redirect_to --> https://www.example.com:8443
Regards,
- JGCumulonimbus
when HTTP_REQUEST { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
- Lee_SutcliffeNacreous
You may need to be careful with this one as you could end up in a redirect loop.
Also you can't have an HTTP and an HTTPS VIP both on the same port on the same device. Are you doing SSL pass-through or offloading?
- AabuitragoAltostratus
Ok, thnak you for your prompt response.
To give you a few more details.
My VServer is configure to use HTTPS. So the Link should work like https://www.example.com
Now, the application server for some reason response back with a URL on this form http://www.example.com:8443
And what i wanted to do is replace that URL response with https://www.example.com:8443
Regards,
- JGCumulonimbus
It is always the best to try to fix the issue in the application first if possible. In the absence of the information what app server it is, you can try the following to inform the application of what scheme is used at the user entry point:
- Create an HTTP profile for your virtual server;
- In the field "Request Header Insert" of the profile, enter "X-Forwarded-Proto: https".
If the app server is load-balancer-aware, this should be enough for the app to know what scheme to use when it constructs a self-referencing URL.
- AabuitragoAltostratus
Hi JG,
thank you for your help. Its a redirect issued by the app server. The app server is sending back the entire URL including the port.
regards,
- Lee_SutcliffeNacreous
I would echo everything JG has said.
if an application is issuing a redirect with a local port in the response, it ideally needs fixing on the application.
Reason being, you may end up with absolute HTML references that also need correcting.
That said, if it is just a redirect you could use the following (this is untested as I've written this on my phone)
when HTTP_RESPONSE { if { [HTTP::is_redirect] }{ HTTP::header replace Location "https://[getfield [HTTP::host] : 1][HTTP::uri]" } }
- JGCumulonimbus
In the light of the new information provided, i.e. it is the application (server) issuing the redirect, there is a ready solution for this situation. Please see "K14775: Configuring an HTTP profile to rewrite URLs so that redirects from an HTTP server specify the HTTPS protocol (10.x - 14.x)". You will need to use "Matching" at the minimum if "All" has unintended side effects.
- JGCumulonimbus
Still, it is best to have this fixed at the application if possible.
- AabuitragoAltostratus
Thank you for all your suggestions. I've tested and it worked.. But i'll check the issue at the application server side as mentioned.
thanks again.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com