Hi, I have a vhost with a policy proxypass to redirect the HOST dns on the pool with somes different option. I want to add X-Forwarded-Proto option in the policy but after somes try I couldn't get it to work.
"3.Insert HTTP Header named 'X-Forwarded-Proto' with value 'https' at response time." don't work
@Jean_Mamène That is correct and it is the easiest and least complex way of configuring this. Any particular reason this cannot be done in an HTTP profile? I don't believe this can be done properly through a policy and would have to be done in an iRule and applied to the 443 virtual server only.
when HTTP_REQUEST priority 500 {
HTTP::header insert "X-Forwarded-Proto" "https"
}
@Jean_Mamène If you need a specific host header value to be matched and it's a long list you can create a data-group then in that data-group you add an entry for each host value and then perform a match in your iRule and the action to take would be to add in the XFP header similar to the following.
when HTTP_REQUEST priority 500 {
if { [class match --value [HTTP::host] == CLASS-XFP-HOSTS] } {
HTTP::header insert "X-Forwarded-Proto" "https"
}
}
The following is an example of the data-group that you can import quickly through the cli using the "load sys config from-terminal merge" command and then pasting in the data-group. You would only have to adjust the host names in the data-group to your list before pasting it into the CLI.
ltm data-group internal CLASS-XFP-HOSTS {
records {
www1.example.com { }
www2.example.com { }
www3.example.com { }
}
type string
}
