Forum Discussion

Muhannad's avatar
Muhannad
Icon for Cirrus rankCirrus
Jul 15, 2020

rewrite the location in 302 response

Dear Experts,

 

I need a help to solve an issue related to SSL offloading with LTM, my issue as following:

Client---LTM-VS---Server, the server is sending a HTTP redirect302 response to a location like following:

    Location: http://example.local:80/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==\r\n, my issue is related to the port 80 send by the server in the host (example.local:80), if the LTM Virtual server is working with port 80 (http) everything will works fine but once i convert the virtual server to https (443) the application will not open because the server is redirecting the client to this URL: example.local:80, if i remove the port 80 manually, the application will work fine.

 

I am looking for a way to rewrite the http repsonse from the sever by removing the port 80 from the response to the client side, in simple words i need an IRULE or a workaround to forward the server rsponse to the client by rewriting the 302 response from the server:

  Location: http://example.local:80/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==\r\n

to forward it to the client side like follows:

  Location: http://example.local/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==\r\n

 

Your help will be appreciated.

 

Regards,

Muhannad

  • Hello Muhannad.

     

    Tried this code and it works like a charm.

    when HTTP_REQUEST {
    	set fqdn_name [HTTP::host]
    }
    when HTTP_RESPONSE {
    	set location [HTTP::header Location]
    	set port [URI::port $location]
    	set n_path [URI::path $location]
    	set n_basename [URI::basename $location]
    	set n_query [URI::query $location]
    	if { [HTTP::is_redirect] }{
    		if { $port eq 80 }{
    			HTTP::header replace Location "https://$fqdn_name$n_path$n_basename?$n_query"
    		}
    	}
    }

    Without iRule, this is the server response.

    < HTTP/1.0 302 Found
    < Location: http://example.local:80/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==
    < Server: BigIP
    < Connection: Keep-Alive
    < Content-Length: 0

    And this is the response with the iRule.

    < HTTP/1.0 302 Found
    < Location: https://example.local/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==
    < Server: BigIP
    < Connection: Keep-Alive
    < Content-Length: 0

    Regards,

    Dario.

  • Hello Muhannad.

     

    Try this code:

    when HTTP_REQUEST {
    	set fqdn_name [HTTP::host]
    }
    when HTTP_RESPONSE {
    	set location [HTTP::header Location]
    	set port [URI::port $location]
    	set n_path [URI::path $location]
    	set n_basename [URI::basename $location]
    	set n_query [URI::query $location]
    	if { [HTTP::is_redirect] }{
    		if { $port eq 80 }{
    			HTTP::header replace Location &amp;quot;https://$fqdn_name$n_path$n_basename?$n_query&amp;quot;
    		}
    	}
    }

    Regards,

    Dario.

  • Hi Dario,

     

    Thanks for the response, it gave me an error for the quot when i create the IRULE, i have tried without it but this didnt work :(, it stuck :

    it stuck in the initial requested URL http://xxx.local/xx

     

    is there any simple IRULE can strip to port 80 from the 302 header location.

     

    Regards,

    Muhannad

    • Hello Muhannad.

       

      Tried this code and it works like a charm.

      when HTTP_REQUEST {
      	set fqdn_name [HTTP::host]
      }
      when HTTP_RESPONSE {
      	set location [HTTP::header Location]
      	set port [URI::port $location]
      	set n_path [URI::path $location]
      	set n_basename [URI::basename $location]
      	set n_query [URI::query $location]
      	if { [HTTP::is_redirect] }{
      		if { $port eq 80 }{
      			HTTP::header replace Location "https://$fqdn_name$n_path$n_basename?$n_query"
      		}
      	}
      }

      Without iRule, this is the server response.

      < HTTP/1.0 302 Found
      < Location: http://example.local:80/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==
      < Server: BigIP
      < Connection: Keep-Alive
      < Content-Length: 0

      And this is the response with the iRule.

      < HTTP/1.0 302 Found
      < Location: https://example.local/xx/ApplicationsLogin?applicationId=MTA=&applicationInstanceId=MQ==
      < Server: BigIP
      < Connection: Keep-Alive
      < Content-Length: 0

      Regards,

      Dario.

      • Muhannad's avatar
        Muhannad
        Icon for Cirrus rankCirrus

        Dear Dario,

         

        This worked as charm, many thanks :).

         

        Regards,

        Muhannad