HTTPS offload rewriting
Problem this snippet solves:
This iRule shows how to rewrite an HTTP web application's self references from http:// to https:// to avoid insecure content warnings.
Note if the response content size is changed like it would be with this iRule you must use a custom HTTP profile with response chunking set to rechunk.
Code :
when HTTP_REQUEST { # Save the requested host value set host [string tolower [HTTP::host]] # If the HTTP host header is blank, use the VS IP address # If the VS IP is not routable for clients, hard code a routable IP # to replace [IP::local_addr] if {$host eq ""}{set host [IP::local_addr]} # Disable the stream filter by default STREAM::disable } when HTTP_RESPONSE { # Check if response type is text and host isn't null if {[HTTP::header value Content-Type] contains "text" and $host ne ""}{ # Replace http://$host with https://$host STREAM::expression "@http://$host@https://$host@" # Enable the stream filter for this response only STREAM::enable } # Rewrite the Location header in redirects to https:// if { [HTTP::is_redirect] && [string tolower [HTTP::header Location]] starts_with "http://$host"} { HTTP::header replace Location [string map -nocase "http://$host https://$host" [HTTP::header Location]] } }
Published Mar 18, 2015
Version 1.0