On Nov 22, 2016 5:37 AM, "Jonathan Opperman" <[email protected]> wrote:
> I want http://foo.bar.bin/blah.com to redirect to http://foo-bar-bin.blah.com > > I want that last dash-domain to also redirect to SSL. The context of the rest of the message suggests that your first example should have been a dot where you showed a slash, but perhaps not. Please clarify, which are we talking about? This? my.site.example.net/example.com -> my-site-example-net.example com Or this? my.site.example.net.example.com -> my-site-example-net.example.com > The order is important. Browsers recently started doing their SSL check BEFORE the redirects, so we are getting security warnings. Um. I don't think that's a new thing. It isn't possible to send a request and get a redirect response before validating the SSL cert, and it hasn't been... so unless I misunderstand, it's not exactly clear what you are saying has changed. Obviously, though, you seem to be saying "don't send to https in one redirect and expect to rewrite the hostname in the next." Sensible enough. If you're talking about just redirecting to a rewritten host with some character replacement, that's accomplished easily enough in 1.6. http-request redirect location https:// %[hdr(host),regsub(\.example\.com$,),regsub(\.,-,g)].example.com%[capture.req.uri] if { hdr_reg(host) -i .+\..+\.example\.com$ } If the Host header matches the regex -- that is, if it ends with . example.com and contains at least one literal "." previous to that, then redirect to "https://"; + the original host header with .example.com removed from the end, then the rest of the "." replaced with "-" + ".example.com" + the captured request uri, which is path + query string. $ curl -v 'http://my.test.here.example.com/some/path?query=1&works=1' < HTTP/1.1 302 Found < Location: https://my-test-here.example.com/some/path?query=1&works=1 This also has the desired behavior if the request is already https. On the other hand, if you actually needed something like this... my.site.example.net/example.com -> my-site-example-net.example co m ...that is an odd use case, but it can be done... though more information is needed about what should happen to the rest of the path and whether there's more than one domain expected after the "/".
