Forum Discussion
9 Replies
- JG
Cumulonimbus
when HTTP_REQUEST { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
- Lee_Sutcliffe
Nacreous
You may need to be careful with this one as you could end up in a redirect loop.
Also you can't have an HTTP and an HTTPS VIP both on the same port on the same device. Are you doing SSL pass-through or offloading?
- Aabuitrago
Altostratus
Ok, thnak you for your prompt response.
To give you a few more details.
My VServer is configure to use HTTPS. So the Link should work like https://www.example.com
Now, the application server for some reason response back with a URL on this form http://www.example.com:8443
And what i wanted to do is replace that URL response with https://www.example.com:8443
Regards,
- JG
Cumulonimbus
It is always the best to try to fix the issue in the application first if possible. In the absence of the information what app server it is, you can try the following to inform the application of what scheme is used at the user entry point:
- Create an HTTP profile for your virtual server;
- In the field "Request Header Insert" of the profile, enter "X-Forwarded-Proto: https".
If the app server is load-balancer-aware, this should be enough for the app to know what scheme to use when it constructs a self-referencing URL.
- Aabuitrago
Altostratus
Hi JG,
thank you for your help. Its a redirect issued by the app server. The app server is sending back the entire URL including the port.
regards,
- Lee_Sutcliffe
Nacreous
I would echo everything JG has said.
if an application is issuing a redirect with a local port in the response, it ideally needs fixing on the application.
Reason being, you may end up with absolute HTML references that also need correcting.
That said, if it is just a redirect you could use the following (this is untested as I've written this on my phone)
when HTTP_RESPONSE { if { [HTTP::is_redirect] }{ HTTP::header replace Location "https://[getfield [HTTP::host] : 1][HTTP::uri]" } }
- JG
Cumulonimbus
In the light of the new information provided, i.e. it is the application (server) issuing the redirect, there is a ready solution for this situation. Please see "K14775: Configuring an HTTP profile to rewrite URLs so that redirects from an HTTP server specify the HTTPS protocol (10.x - 14.x)". You will need to use "Matching" at the minimum if "All" has unintended side effects.
- JG
Cumulonimbus
Still, it is best to have this fixed at the application if possible.
- Aabuitrago
Altostratus
Thank you for all your suggestions. I've tested and it worked.. But i'll check the issue at the application server side as mentioned.
thanks again.