NimbostratusWe are trying to expose an iframe that shows content from a non-https site without getting the mixed content error from all browsers. We are terminating SSL at the F5 for our site. So, if our site is https://www.abc.com and there is an embedded iframe showing content from http://www.def.com in an embedded iframe, we get the security warning. Is there any way to do that using an irule?
CirrostratusI don't think this is possible. They are powerful but iRules can't directly control browser behaviour, which is want you want to do. Can you not use https for that other content? Or somehow serve the content via your domain?
CirrocumulusWhat about a Stream Profile which you could use to replace http://www.def.com with https://www.def.com?
Would this work?
N
CirrocumulusCreate new Stream Profile, Target - @http://www.def.com@https://www.def.com@
Cirrocumulusapply to VS of course ;-)
Do you also own www.def.com? Just curious - doesn't affect my answer below but might impact someone else's answer.
So have you thought about creating another virtual server at say, www2.abc.com that redirects to an HTTPS virtual and to a pool consists of a single HTTP member: www.def.com? Then have your iframe referece www2.abc.com instead of www.def.com.
Would only take a few minutes to configure and test.
Nimbostratus
Nimbostratushello, I was wondering did you try it? did it work? I am facing the same issue and looking for a solution.-thanks
