Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Mixed-Content Issue

 

Information

 

Summary:

Getting mixed content after migrating from F5.

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:

After migrating to the LoadMaster, one of the customer's site is complaining about Mixed-Content.

Steps to Reproduce:  
Error Message: Mixed Content: The page at 'https://<URL>' was loaded over HTTPS, but requested an insecure frame 'http://<URL>'. This request has been blocked; the content must be served over HTTPS.
Defect Number:  
Enhancement Number:  
Cause: Servers are only listening on HTTP and the application needs to be ran over HTTPS with SSL termination on the LoadMaster.
Resolution:

Customer created a body modification rule to match on /http:\/\// and replace with https:// and applied the delete Accept-Enconding rule but no luck.

- We inspected the page and saw the following message:

Mixed Content: The page at 'https://<URL>' was loaded over HTTPS, but requested an insecure frame 'http://<URL>'. This request has been blocked; the content must be served over HTTPS.

This seemed to be more of a header replacement rather than a body modification. Looking at the dev tools, we saw a 302 with the Location header: http://<URL>

- We created a Location header replacement by going to Rules & Checking > Content Rule > New > Rule Type - Replace Header with the following fields:

Header Field: Location

Match String: /http:\/\/(.*)/

Value of Header Field to be replaced: https://\1

This rule will grab anything on HTTP and replace it with HTTPS.

- Then, applied this rule to the VIP by going to Advanced Properties > Show Header Rules > Add as a Response Haeder and tested again and this worked as expexted.

Workaround:  
Notes:

https://support.kemptechnologies.com/hc/en-us/articles/115004548366-How-To-Create-Response-Body-Modification-Content-Rules

https://support.kemptechnologies.com/hc/en-us/articles/4423906696589


Comments