Above iRule is correct, You can remove the statement which is creating issue.
If i will be at you place then can try negative scenario and short irule for fun. You can try to use URI_DB class to add and remove the URI.
when HTTP_REQUEST {
if { !([class match [IP::client_addr] equals internal_subnets]) && ([class match [HTTP::uri] starts_with URI_DB) } {
HTTP::redirect "http://app.com/sorry.html"
}
else {
pool app_80_pool
}
}
Add the all uri in URI_DB
"/sorry.html"
"/foo/combined.js*"
"/foo/css/*"
"/foo/desktopreset"
Please tune iRule per requirements.
Thanks