Forum Discussion

pwallace_110041's avatar
pwallace_110041
Icon for Nimbostratus rankNimbostratus
Jul 23, 2007

http to https redirect for POST's not GET's

I have been digging around the forums looking for some good news on how to do this but I have only seen posts saying that this can't be done like in; (Subject: iRule for forcing https)

 

 

In our case the first transmission to the LTM is often a POST and these POST's can vary wildly. I realize that redirecting a POST will have unsatisfactory results but I am really hoping that there is some other way to get from http to https.

 

 

Currently running on 9.1.2 and sending traffic to an Apache pool.

 

 

Any and all wild ideas accepted.

 

 

Regards,

 

 

Pippin

 

2 Replies

  • You could try to parse through the post data, pick out each parameter and value, URI encode it and insert it in the query string of the Location header in a 302 redirect. Icchhh. I don't think it's easy to parse the post data so I wouldn't actually suggest you try this. So no, I can't think of anything elegant.

     

     

    If the client is already sending the POST data in clear-text could you just pass it to the server and redirect any GET requests to HTTPS?

     

     

    Aaron
  • Using a 307 redirect code response might be an option for you. The caveat is different behavior is seen depending on the browser you use since RFC2616 isn't very specific on 307's ans POSTs. The browser may generate a popup and ask to authorize the redirect, or may not at all (most MSIE's).