The issue is still present, but now we know exactly what's happening when the client sends requests. We analyzed packets of good (200) and bad (404) responses. Bad requests are bad because the GET packets contain the domain name pre-pended to the URI. Examples:
GOOD:
1 8 1408563642.5949 (0.0006) C>SV3.1(480) application_data
---------------------------------------------------------------
GET /myURI?myQueryString HTTP/1.1
Host: mySite.com
Connection: keep-alive
BAD:
2 8 1408641901.6124 (0.0011) C>SV3.1(400) application_data
---------------------------------------------------------------
GET https://mySite.com/myURI?myQueryString HTTP/1.1
Host: mySite.com
WL-Proxy-SSL: true
My guess is this is a configuration issue on the client's proxy and I will ask them to verify that. But could someone please help me come up with an iRule that would remove the "https://mySite.com" portion from the request the client is sending?