Antonio_Varni
May 09, 2008Nimbostratus
rewrite server redirect back to client to HTTPS _if_ the original client request was also HTTPS
Strange that I need to write an iRule to do this (I'd think this would be a fairly common need) - but I have a webapp that I want to migrate over to SSL using the LTM. While we get our CA certs pushed out to our clients - we need to support people using this webapp both over HTTP and HTTPS. Without help from the LTM people browsing to this webapp originally as https:// will get kicked out back to HTTP as the webapp issues HTTP redirects.
This is the iRule I've written to accomplish this (LTM v9.2.3):
---
rewrite redirects to HTTP back to HTTPS if the connection was HTTPS originally
when HTTP_REQUEST {
collect variables
set vip_port [TCP::local_port]
}
when HTTP_RESPONSE {
if { [HTTP::is_redirect] and $vip_port == 443 and [HTTP::header exists Location]} {
set location [HTTP::header Location]
if {$location starts_with "http://"} {
set newlocation "https://[substr $location 7 ";"]"
log local0.info "rewriting ssl server to client Location redirect from $location to $newlocation"
HTTP::header replace Location $newlocation
}
}
}
---
... and this seems to work fine. Is there a better / simpler method to accomplishing the above though? Any optimizations? I searched the 'CodeShare' list of commonly used iRules and didn't see anything that had this behavior.
TIA!