Link to home
Start Free TrialLog in
Avatar of bobs6140
bobs6140

asked on

How to HTTP ignoreHandlers with a F5 Big IP

We are having an issue with secure pages reporting they are partially encrypted, this is being caused by these two http Handlers, on a straight webserver we could ignore these Handlers in the webconfig file, but all the SSl is being handle by the F5, is there a way to ignore these Handlers on the F5, I was looking at iRules but couldn't find the correct syntax.

TIA,
Bob Smith

INFO:
The HTTP handlers are invoked when a certain file or type of file is requested from the server. In ASP.NET 2.0, embedded resources make heavy use of the WebResource.axd virtual file to dynamically serve images and JavaScript that don't actually have a physical file. When used, these handlers may cause mixed security warnings unless the module is instructed to ignore them. The ignoreHandlers attribute lets you generally ignore these handlers quite easily. You may configure the module to ignore any standard HTTP handler with a file extension of *.axd by setting the attribute to WithStandardExtensions. The default setting is BuiltIn and forces the module to just ignore the two built-in handlers Trace.axd and WebResource.axd.
Avatar of Carlos Hernandez
Carlos Hernandez
Flag of United States of America image

Here is the iRule you'll want to use. This iRule will find the attribute you are looking for and set the value.  You can also use the HTTP::payload replace to insert content if it does not exist.

http://devcentral.f5.com/wiki/default.aspx/iRules/InsertContentIntoServerResponse.html
when HTTP_RESPONSE_DATA {  
   
   # Here you define what you want to find in the payload  
   set find "ATTRIBUE AND VALUE TO BE REPLACED"
   
   # And here's what you'll be replacing it with  
   set replace "NEW ATTRIBUE AND VALUE"
   set payload [HTTP::payload]  
   
   # Run the regsub to make all the replacements (add -nocase for case insensitivity)  
   if {[regsub -all $find $payload $replace new_response] > 0} {    
      HTTP::payload replace 0 [HTTP::payload length] $new_response  
   }
 
}

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of bobs6140
bobs6140

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial