Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Post content issue in F5

Hi All,

I have created one https & one http virtual server with below settings: 1.) SNI Feature over https vs: since i am using SNI feature so all websites are mapped to single https VS. 2.) created pool based redirection on https vs for that i have created the pool based redirection irule which is working as expected. 3.) For http-> https redirection i have created the irule for that.

Now problem arises when customer entered the user information/parameters in html based form and click on invoke the contents of post request are not fully displayed and getting generic output in all cases.Below is the redirection irule i am using , I am getting hits on irule also.In addition to that if I tried to open the website directly from server expected results are we getting.Please help me on this.

0
Rate this Question
Comments on this Question
Comment made 2 months ago by Kees van den Bos | kees4IP 564

Can you post the irule and post url of the form?

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Have you enabled redirect rewrite to all on your HTTP Profile? (on the HTTPS VS)

Cheers,

Kees

1
Comments on this Answer
Comment made 2 months ago by pr@teeku1988 65

Hi Kees & Dej,

After your suggestion i updated the irule now application gives the HTTP 500 error.

@Kees : I have not enabled the redirect rewrite on any of the HTTP profile.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hello,

Although it looks like your iRules and example got cut off I can think of one issue you could be having. In your configuration if you are doing a 301 or 302 redirect after a POST, the browser will send a GET request to the new location and not a POST.

  • To address this you could try a 307 redirect to preserve the POST request; however, whether it will work or not depends on the client's browser.

  • If the redirect is due to switching from http to https I would advise to do the redirect before any forms to POST from are available, otherwise the POST is being sent in clear text (http).

For further trouble shooting, please provide additional information on configuration as well as tests (working and non working). Be sure to sanitize configuration as necessary.

Thank you,
- D

0
Comments on this Answer
Comment made 2 months ago by pr@teeku1988 65

Hi Dej & kees,

Thanks for your reply and looking into this :

Below is the Irule that We have applied on https virtual server :

when HTTP_REQUEST { if {([HTTP::host] equals "powertogo-uat.directenergy.com")} { pool PowertoGo-UAT_pool_http } elseif {([HTTP::host] equals "powertogo-qa.directenergy.com")} { pool PowertoGo-QA_pool_http } elseif {([HTTP::host] equals "powerup-uat.directenergy.com")} { pool powerup-uat_pool_http } elseif {([HTTP::host] equals "pp-uat.directenergy.com")} { pool pp-uat_pool_http } elseif {([HTTP::host] equals "pp-uat.firstchoicepower.com")} { pool pp-uat_firstchoicepower_http_pool } elseif {([HTTP::host] equals "ptgbackoffice-uat.directenergy.com")} { pool ptgbackoffice-uat_pool_http } elseif {([HTTP::host] equals "powerup-qa.directenergy.com")} { pool Powerup-QA_pool_http } elseif {([HTTP::host] equals "pp-qa.directenergy.com")} { pool pp-qa_http_pool } elseif {([HTTP::host] equals "pp-qa.firstchoicepower.com")} { pool pp-qa_firstchoicepower_pool_http } elseif {([HTTP::host] equals "ptgbackoffice-qa.directenergy.com")} { pool ptgbackoffice-qa_pool_http } elseif {([HTTP::host] equals "powertogo-dev.directenergy.com")} { pool powertogo-dev_pool_http } elseif {([HTTP::host] equals "powerup-dev.directenergy.com")} { pool powerup-dev_pool_http } elseif {([HTTP::host] equals "pp-dev.directenergy.com")} { pool pp-dev_pool_http } elseif {([HTTP::host] equals "pp-dev.firstchoicepower.com")} { pool pp-dev_firstchoicepower_pool_http } else { pool ptgbackoffice-dev_pool_http } }

Below is the Irule for http to https redirection applied on http virtual server :

when HTTP_REQUEST { if {([HTTP::host] eq "powerup-uat.directenergy.com[HTTP::uri]")} { HTTP::redirect "https://powerup-uat.directenergy.com[HTTP::uri]" } elseif {([HTTP::host] eq "powertogo-uat.directenergy.com")} { HTTP::redirect "https://powertogo-uat.directenergy.com"; } elseif {([HTTP::host] eq "pp-uat.directenergy.com")} { HTTP::redirect "https://pp-uat.directenergy.com"; } elseif {([HTTP::host] eq "pp-uat.firstchoicepower.com")} { HTTP::redirect "https://pp-uat.firstchoicepower.com"; } elseif {([HTTP::host] eq "ptgbackoffice-uat.directenergy.com")} { HTTP::redirect "https://ptgbackoffice-uat.directenergy.com"; } elseif {([HTTP::host] eq "powerup-qa.directenergy.com[HTTP::uri]")} { HTTP::redirect "https://powerup-qa.directenergy.com[HTTP::uri]" } }

Below is the configuration of Https virtual server :

ltm virtual PowertoGo-UAT { description PowerToGo-UAT.directenergy.com destination 10.158.129.56:https fallback-persistence source_addr ip-protocol tcp mask 255.255.255.255 persist { cookie { default yes } } pool PowertoGo-UAT_pool_http profiles { http { } powertogo-dev.directenergy.com { context clientside } powertogo-qa.directenergy.com { context clientside } powertogo-uat.directenergy.com { context clientside } powerup-dev.directenergy.com { context clientside } powerup-qa.directenergy.com { context clientside } powerup-uat.directenergy.com { context clientside } pp-dev.directenergy.com { context clientside } pp-dev.firstchoicepower.com { context clientside } pp-qa.directenergy.com { context clientside } pp-qa.firstchoicepower.com { context clientside } pp-uat.directenergy.com { context clientside } pp-uat.firstchoicepower.com { context clientside } ptgbackoffice-dev.directenergy.com { context clientside } ptgbackoffice-qa.directenergy.com { context clientside } ptgbackoffice-uat.directenergy.com { context clientside } tcp { } } rules { PowertoGo_generic_web } source 0.0.0.0/0 source-address-translation { type automap } translate-address enabled translate-port enabled vs-index 24 }

Below is the config of http virtual server :

ltm virtual PowertoGo-UAT_80 { description PowerToGo-UAT.directenergy.com destination 10.158.129.56:http fallback-persistence source_addr ip-protocol tcp mask 255.255.255.255 persist { cookie { default yes } } pool PowertoGo-UAT_pool_http profiles { dos_directenergy_no_whitelist { } http { } tcp { } } rules { powertogo-uat-https-redirect } security-log-profiles { "Secureworks Logging Profile" "Secureworks Logging Profile_local" } source 0.0.0.0/0 source-address-translation { type automap } translate-address enabled translate-port enabled vs-index 25 }

Code
0
Comment made 2 months ago by DEJ 356

Hello,

In your iRule powertogo-uat-https-redirect, there are two entries that will never match. Both powerup-uat.directenergy.com and powerup-qa.directenergy.com will not match as written. You've included [HTTP::uri] which will not match against [HTTP::host].

if {([HTTP::host] eq "powerup-uat.directenergy.com[HTTP::uri]")} {

} elseif {([HTTP::host] eq "powerup-qa.directenergy.com[HTTP::uri]")} {

Thank you,
-D

0
Comment made 2 months ago by pr@teeku1988 65

Actually there is below diffent URI's after powerup-qa.directenergy.com like http://powerup-qa.directenergy.com/webservices/customersitewebservice.asmx , http://powerup-qa.directenergy.com/webservices/fidelitypaymentswebservice.asmx etc..

so when user request comes from http i want to redirect to https

0
Comment made 2 months ago by Kees van den Bos | kees4IP 564

What D means is that you don't have to include [HTTP::uri] in your if statement. You only want it to match on hostname.

Cheers,

Kees

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Ok, revert the iRule and enable redirect rewrite to all on the HTTP profile on the HTTPS VS.

Cheers,

Kees

0
Comments on this Answer
Comment made 2 months ago by pr@teeku1988 65

Hi Kees,

OK I have reverted the irule but for redirect rewrite I am getting below settings :

Rewrite Profile : rewrite,rewrite-portal,rewrite-uri-translation ??? Which one I select

as I am not familiar with that .

0
Comment made 2 months ago by Kees van den Bos | kees4IP 564

Make the change in your HTTP profile, not the rewrite profile.

Redirect rewrites will rewrite the http: responses of your webserver to https:

Cheers,

Kees

0
Comment made 2 months ago by pr@teeku1988 65

Can you please guide me which option I should select under Redirect Rewrite : all,matching or nodes ?

0
Comment made 2 months ago by Kees van den Bos | kees4IP 564

All

0
Comment made 2 months ago by pr@teeku1988 65

Hi Kees & Dej,

Thanks for your help it is working now..

0