Topic: changing http to https in header of the response (Read 931 times)

ctoledo · « **on:** February 09, 2010, 06:27:26 AM »

Hello

We are trying to do http to https redirect on our Netscaler 8.1. The problem is that we get the not everything is secure on the page when we try to bring the web page up. We are trying to use the rewrite in the http header and it is not working. This is what I am trying to use.

Name: jm_replace_https
Operation: replace_all Target:http.RES.HEADER("base")
Value:"https://"
Pattern: http://
BypassSafetyCheck : NO
Hits: 96
Undef Hits: 0

jm_replace_http_pol
Hits: 96
Undef Hits: 0
Active: Yes

Am I even close to what this is supposed to do. Any help will be appericated.

Chris Toledo
City Colleges of Chicago

evildani · « **Reply #1 on:** February 10, 2010, 02:18:46 AM »

Check if you are getting in the response a meta tag with base content?

ctoledo · « **Reply #2 on:** February 10, 2010, 03:55:59 AM »

I don't think we have it in the meta tags. Here is the header info

<META HTTP-EQUIV="Expires" CONTENT="0">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<base href="http://xxxx.ccc.edu/jsp/login.jsp">
<title>InterScan Messaging Security Suite</title>
<link href="../css/en/top.css" rel="stylesheet" type="text/css">
<script language="JavaScript" src="/javascripts/tooltip.js" type="text/javascript"></script>
<script language="JavaScript" type="text/JavaScript">

What I want to do is change the http:// to https:// and I am going nuts trying to figure it out.

evildani · « **Reply #3 on:** February 27, 2010, 04:52:28 AM »

Sorry it took so long.
Have you tried to delete that particular line?

Marco Schirrmeister · « **Reply #4 on:** May 11, 2010, 05:14:52 PM »

ctoledo,

you may already fixed it, because there was no more response from you.

But what you are looking for is rewriting the body, not the header.
Your rewrite action http.RES.HEADER looks for "base" in the response header. But you have it in the body.

To rewrite the body, you need first to downgrade the http version to 1.1 in the http request from the client and then you can rewrite the body in the http response from the backend.

If you rewrite the body, you should not just look for "http://". Because if there are links to external sites, you would rewrite them too.
But maybe this external site does not run on https.
So I usually look for something unique to my site, to avoid rewriting something that I don't want to rewrite.

Here is an example.

add rewrite action downgrade_to_10 replace http.REQ.VERSION "\"HTTP/1.0\""
add rewrite policy downgrade_to_10_1 TRUE downgrade_to_10
bind lb vserver www.domain.de_443 -policyName downgrade_to_10_1 -priority 10 -gotoPriorityExpression NEXT -type REQUEST

add rewrite action rep_mams_https_body_act3 replace_all "HTTP.RES.BODY(2000000000)" "\"https://www.domain.de\"" -pattern "http://www.domain.de"
add rewrite policy rep_mams_http_body_pol3 TRUE rep_mams_https_body_act3
bind lb vserver www.domain.de_443 -policyName rep_mams_http_body_pol3 -priority 110 -gotoPriorityExpression END -type RESPONSE

So for your example, I would look for "http://xxxx.ccc.edu" and rewrite it with "https://xxxx.ccc.edu".

pagani29391 · « **Reply #5 on:** May 21, 2010, 11:38:17 PM »

thank for share

Netscaler Knowledgebase

News:

Author Topic: changing http to https in header of the response (Read 931 times)

ctoledo

changing http to https in header of the response

evildani

Re: changing http to https in header of the response

ctoledo

Re: changing http to https in header of the response

evildani

Re: changing http to https in header of the response

Marco Schirrmeister

Re: changing http to https in header of the response

pagani29391

Re: changing http to https in header of the response