Damyan Ivanov wrote:
Wouldn't it be better to parse responses on BigIPs and replace 'http'
with 'https' if redirect is detected? I have no idea how to do this, though.
The BigIP has some TCL functions available during the response, but I'm assuming that any regexing I do there would be not enough, and I can think of scenarios where the user had redirected explicitly to http:// and I'd be rewriting it when I shouldn't be. Plus there's also the matter of dynamically created URLs embedded in the body, created by perl/php/python/etc that were using the same scheme as the incoming URL.
However, it's definitely something to look further into.
