Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

Redirect TLS 1.1/1.2 clients & Append the incoming URL to the redirect target

Mrwillbaclimon
Altocumulus
Altocumulus

This is probably simpler than I'm trying to accomplish. I can't seem to get it working unfortunately. Any assistance would be appreciated.

Summary

  1. Goal is to trigger a redirect for TLS 1.1/1.2 clients and Append the incoming URL to the redirect
    (Testing out just the redirect first before I add more criteria)

Example

Inbound HTTPS Request 
https://abc.com/URIexample/abc/login?service=https%3A%2F%2website.domain.com

Redirect to HTTP(S) External Internet Site

https://xyz.com/random/random/warn.html?source=https://aaa.domainexample.com/blah/login?service=http...

Detail on redirect
 Redirect to ----> add "source="  AND append source URI adding

 

 

 


-Will
1 ACCEPTED SOLUTION

I added some if bypass statements and working very well!

 

Thanks again

equals "TLSv1" ) and (not ([HTTP::uri] contains "tlsWarnRedirected")) and (not([HTTP::header "User-Agent"] contains "customagent"))} {


-Will

View solution in original post

4 REPLIES 4

Hi Will,

Can you try this iRule?

when HTTP_REQUEST {
	if { [SSL::cipher version] equals "TLSv1.1" || [SSL::cipher version] equals "TLSv1.2" } {
		if { [HTTP::host] ne "xyz.com"} {
			HTTP::redirect https://xyz.com/random/random/warn.html?source=https://[HTTP::host][HTTP::uri]
			return
		}
	}
}

 

@Enes_Afsin_Al 

Thank you. I will test this in Dev shortly and respond with results.

Believe your right on point 🙂


-Will

Mrwillbaclimon
Altocumulus
Altocumulus

I did try it and it worked well...Thank you!

  • I modified "ne" statement with "starts with" 
  • Testing User-Agent if statements now

For example

 

if { ([HTTP::header "User-Agent"] contains "randomagentstring") and (not ([HTTP::header "User-Agent"] contains "random/7.0")) and (not ([HTTP::header "User-Agent"] contains "xyz")) and
(not ([HTTP::header "User-Agent"] contains "abc")) and (not ([HTTP::header "User-Agent"] contains "random2")) and (not ([HTTP::header "User-Agent"] contains "random3")) and
([HTTP::header "User-Agent"] contains "Build Version random") }{


-Will

I added some if bypass statements and working very well!

 

Thanks again

equals "TLSv1" ) and (not ([HTTP::uri] contains "tlsWarnRedirected")) and (not([HTTP::header "User-Agent"] contains "customagent"))} {


-Will