Forum Discussion
Colin_Walker_12
May 09, 2008Historic F5 Account
I've seen a few people doing something similar, but that's a pretty clean example. I'd make a couple of small changes, though
1. You can avoid extra overhead by getting rid of un-needed variables, such as $location, $vip_port and $newlocation.
2. You can use the HTTP::host command to carry over the requested hostname and HTTP::uri for the uri, instead of using the substr command.
3. By using the appropriate TCP command in the right context, you can skip the HTTP_REQUEST event code all together.
The updated rule would look like:
when HTTP_RESPONSE {
if { [HTTP::is_redirect] and ([TCP::server_port] == 443) and ([HTTP::header Location] starts_with "http://")} {
log local0.info "rewriting ssl server to client Location redirect from [HTTP::header Location] to https://[HTTP::host][HTTP::uri]"
HTTP::header replace Location https://[HTTP::host][HTTP::uri]
}
}
HTH,
Colin