Forum Discussion
13 Replies
Sort By
- nitass
Employee
it is not a silly question but i am sorry i do not understand what the issue is. could you please explain us a little bit more? or can you give us some example? - Colin_Walker_12Historic F5 AccountYou want to SSL encrypt a response on the LTM before sending it back to the client? Is that correct?
- Roman_80473
Nimbostratus
Hi nitass, - Roman_80473
Nimbostratus
Colin, - hooleylist
Cirrostratus
Hi Roman, - hooleylist
Cirrostratus
Here's an example which uses a stream profile to rewrite the response headers and/or payload to https://:when HTTP_REQUEST { Save the requested host value set host [string tolower [HTTP::host]] Disable the stream filter by default STREAM::disable } when HTTP_RESPONSE { Check if response type is text and host isn't null if {[HTTP::header value Content-Type] contains "text" and $host ne ""}{ Replace http://$host with https://$host STREAM::expression "@http://$host@https://$host@" Enable the stream filter for this response only STREAM::enable } Rewrite the Location header in redirects to https:// if { [HTTP::is_redirect] && [string tolower [HTTP::header Location]] starts_with "http://$host"} { HTTP::header replace Location [string map -nocase "http://$host https://$host" [HTTP::header Location]] } }
- Roman_80473
Nimbostratus
Hi Aaron, - hooleylist
Cirrostratus
Can you use a plugin like Fiddler2 to trace the session and see where the http:// request is being triggered from? Basically, you'd look for the first bad http:// request and go back from there to see where the http:// link is coming from. - nitass
Employee
should we remove Accept-Encoding header in the request? - hooleylist
Cirrostratus
If the web app is using compression, then use you should either disable it to use a stream profile to rewrite the response content or remove the Accept-Encoding request header.