Forum Discussion
Go though this link which may help you.
https://devcentral.f5.com/s/question/0D51T00006wyrrU/irule-to-hide-uri-from-client-side
- Simon_BlakelyApr 27, 2020Employee
None of those rules will work - they allow re-writing requests from what the client-side expect to what the server expects, but this does not hide the requested URI in the address bar.
Having thought about this some more, the following irule works to hide all the URLs behind /f:
# irule to flatten a site to make it look like a single-page application # this stores the request URI in a table and issues a 308 redirect with an identifying token in a cookie # when the 308 is processed the client reissues the request to the new location # the original URI is retrieved (using the token) and the request is updated and sent to the server # An HTTP 308 should repost the same request using the same method when HTTP_REQUEST { if { ([HTTP::uri] eq "/f") and ([HTTP::cookie "X-target"] ne "") } { # We have a token from a redirection set new_token [HTTP::cookie "X-target"] log local0. "redirected URI is [HTTP::uri], token is $new_token" set new_uri [table lookup $new_token] log local0. "uri is $new_uri" HTTP::uri $new_uri set clean_cookie 1 } else { set uri [HTTP::uri] set token [string tolower [string map {/ "" + ""} [b64encode [md5 [ clock clicks -milliseconds ]$uri]]]] log local0. "token is $token, uri is $uri" table set $token $uri 5 log local0. "Redirect to $static::protocol://$static::host/ with header X-target=$token" HTTP::respond 308 Location "/f" Set-Cookie "X-target=$token; Max-Age=5; path=/" set clean_cookie 0 } } when HTTP_RESPONSE { # clean up the X-target cookie if { $clean_cookie eq 1 } { log local0. "removing " HTTP::header Set-Cookie "X-target=deleted; expires=Thu, 01 Jan 1970 00:00:00 GMT" } }
However: this will only work in a browser that correctly supports the HTTP 308 redirect.
This will follow the redirect, but will resubmit the request with the same method.
Also, every request triggers a redirect, so it doubles the number of requests.
It's really inefficient network-wise and memory-wise.
I have not tested this with any really complex web-sites, so YMMV.