redirect POSTs to HTTPS?

Sure! For this you'd use the HTTP::method command. If you just want to redirect all posts then it'd be a pretty simple logical check:

 
 when HTTP_REQUEST { 
   if { [HTTP::method] eq "POST" } { 
     HTTP::redirect "http://[HTTP::host][HTTP::uri]" 
   } 
 } 
 

That's assuming that you want to keep the destination host and URI the same, of course.

Colin

Be aware that if you redirect a POST request, the client will make a GET request to the new location and not submit the POST data. Here are some suggestions from a related post:

 

 

 

http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&tpage=1&view=topic&postid=5853158538

 

 

As you've found, redirecting a POST request triggers the client to make a GET request to the new Location. Any POST data is lost in the process. In terms of LTM configuration, it would probably be easiest to rewrite the response which generates the POST via HTTP so that the POST is made via HTTPS.

 

 

If you are trying to prevent sensitive data from being sent in the clear it's too late by the time the POST request is sent with the login credentials. The data is already being sent in cleartext. Ideally you would try to prevent the HTTP request before it's made. If the response which generates the HTTP request is sent to the client through LTM, you could potentially rewrite it to reference the HTTPS VIP using a stream profile and STREAM::expression iRule (Click here). Or more ideally, you could change the application to reference https instead of http.

 

 

 

 

Aaron