Https on a http site with stylesheets

Hi Misty,

 

There was a forumn thread that talk about you can exclude/include URLs that you want re-written.

 

 

Here is the path to thread article.

 

 

http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1178923/showtab/groupforums/Default.aspx

 

 

I hope this helps

 

 

Bhattman

Thanks for the quick reply. I am so sorry but I may need it more spelled out than that. The first thing you link (http://devcentral.f5.com/Wiki/default.aspx/iRules/STREAM__expression) seems to bring me to a generic page. maybe if I have the examples there I could put something together.

 

 

The example that hoolio quoted again sounds like what I need but does some really strange things to the website. (moves form input boxes around etc) and the site doesn't function right. I don't really understand this part

 

 

Check if the matched string meets some condition that can't easily be checked for using a single regex in STREAM::expression

 

if {[STREAM::match] starts_with "host1"}{

 

 

and this part

 

 

Match an http://*example.com string and replace it with nothing yet

 

STREAM::expression {&http://.*?example\.com&&}

 

 

I tried to add the vender site we host as best as possible but I really don't understand the significance of all the special characters, I'm assuming wildcards?

 

 

The domain I need to match is longer than the example. like venderapp.co.county.state.us so maybe I did it wrong but I don't even know if this is what I should try to match.

 

 

Just to restate, the 10 line code I quoted works perfectly for the vender app. It just has a few external links that I somehow need to not rewrite (in fact so few links I could match them if its easier, perfer not too incase they add more)

 

 

I hope this all makes sense. Thanks in advance for any help sorry I have no programming skills :(

Hi Misty,

One of the examples posted on the STREAM::expression Wiki page is probably what you are going to want to look into using:

 
when HTTP_REQUEST {
 Disable the stream filter for all requests
STREAM::disable
}
when HTTP_RESPONSE {
 Check if response type is text
if {[HTTP::header value Content-Type] contains "text" } {
 Replace any http:// instance with https://, unless the original string is http://example.com
STREAM::expression {@http:(?!//example\.com)@https://@}

 Enable the stream filter for this response only
STREAM::enable
}
}

The previous iRule will replace any http:// instance with https://, unless the original string is http://example.com.

The special characters are Regular Expressions.

() encapsulates the expression.

?! is a negative look ahead or don't replace this.

// is part of the lookup.

the \. is an escape character noting that the period is part of the literal compare.

So if you add in your exception you should be good to go.

There is a nice Regular Expression Cheat sheet here: http://www.addedbytes.com/download/regular-expressions-cheat-sheet-v2/pdf/

Hmmm that one just give me the whole "page can not be displayed"

 

 

Any fundamental config I might need to change on the VIP or anything? The site still works when I pull this iRule out and put in the other one. I actually just copied it just like it is (with {@http:(?!//example\.com)@https://@}) Just to see if it would work at all.

 

 

I didn't know this would be so tricky to do!lol

 

 

Thanks for the info and thanks in advance for you help

@@ ok this seems to work.

Could you please review and make sure I'm not getting into anything that might bite me. Remember I have to use quotes on my version 9.4.4 or I run into this problem http://support.f5.com/kb/en-us/solutions/public/7000/900/sol7988.html?sr=16791182 (I'm not sure if I'm doing it right but it seems to work but this is the line I changed "&http://*?venderapp\.co\.county\.state\.us&&")

when HTTP_REQUEST {
   STREAM::disable
}
when HTTP_RESPONSE {  
   if {[HTTP::header value Content-Type] contains "text"}{  
      STREAM::expression "&http://*?venderapp\.co\.county\.state\.us&&"
      STREAM::enable  
   }  
}   
when STREAM_MATCHED {  
   if {[STREAM::match] starts_with "venderapp"}{
      STREAM::replace "[string map {http:// https://} [STREAM::match]]"
      log local0. "[IP::client_addr]:[TCP::local_port]: matched: [STREAM::match], replaced with: [string map {http:// https://} [STREAM::match]]"  
   }
}

I apologize for the delay. After you reported back that it did not work properly I tried it myself and could not get it to work either (I'm not giving up on it, but there is always more than one way to solve a problem).

I found the same example you posted and started to work with it. This is what i came up with that works.:

 
when HTTP_REQUEST {
 Disable the stream filter for all requests
STREAM::disable
}
when HTTP_RESPONSE {
 Check if response type is text
if {[HTTP::header value Content-Type] contains "text" } {
 List the FQDN's that you do NOT want modified and the http:// that will cover everything else that you do.
STREAM::expression {@http://example.com@@ @http://example2.com@@ @http://@@}

 Enable the stream filter for this response only
STREAM::enable
}
}
when STREAM_MATCHED {
 Take the matches from the STREAM::expression and handle them.
if {[STREAM::match] contains "example.com" || [STREAM::match] contains "example2.com"} {
log local0. "Stream Matched:  [STREAM::match]"
 Return and do not alter them.
return
}
else {
STREAM::replace "[string map {http:// https://} [STREAM::match]]"
 Everything not handled with get http:// replaced with https://
log local0. "Stream Matched ELSE: [STREAM::match]"
}
}

Hope this helps. If I find out why the original would not work then I'll post it here for everyone.