HTTP Header Rewrite - X-Forwarded-Proto

Question

Hi All,I have an issue wherein our client has added a new data source, which is traversing a load balancer before it reaches us. The clients Load Balancer is inserting X-Forwarded-Proto: HTTPS to the header. The Virtual Server on our side is also inserting X-Forwarded-Proto: HTTPS, which results in the header looking like this:X-Forwarded-Proto: https, https&nbsp;Our web servers are not happy with this and are dropping the traffic with a 403 error.Client have advised that they cannot fix this on their side, and we need to fix it on our side. I am reluctant to make any changes to working existing traffic, and we need the X-Forwarded-Proto: HTTPS&nbsp;My plan was to add an iRule to modify the headers to correct the error, but only for the source that's failing, identifying the traffic using the Client IP.&nbsp;Here is the iRule I was planning to use. Can anyone advise if this approach will work theoretically, and if my iRule looks correct?when HTTP_REQUEST {
    if {![class match [IP::client_addr] equals ip_group]} {
        HTTP::header replace "X-Forwarded-Proto" "https"
    }
}Thanks in advance.

sanjay_palande · Answer

iRule looks fine.&nbsp; Make sure Request Header Insert&nbsp;option under HTTP profile is disabled for X-Forwarded-Proto. So that it doesn't duplicate it.&nbsp;

lloyd_carter · Answer

Thanks Sanjay for having a look and for the tip. I'll make sure that's disabled.

Forum Discussion

HTTP Header Rewrite - X-Forwarded-Proto

2 Replies

Recent Discussions

CITRIX remote desktop solution using F5 APM

BIG-IP rseries license

F5 iRule to route traffic based on AS2 headers doesnt work

Trouble with TCP::option set 28

LDAPS: intermittent login issues

Related Content

X-Forwarded-Proto on policy

Rewrite Host Header to Server Name

Rewriting Redirects

Rewriting iRules...LIVE!

Request POST Header Rewrite of Origin and Referer