Rewriting IIS Server Response Content from HTTP to HTTPS

eraser-paper

This may seem like an unusual post, but this may apply to “load-balancer gurus” who do SSL termination. In certain cases web-applications that you host have embedded code that reference http links. This can be resolved with F5 iRules, but it can be tricky with Cisco ACE.

Instead of reinventing the wheel, here’s how to do it with the URL Rewrite module in IIS. A good reference link can be found here.

Lets say your webserver keeps responding with image referrer links with http instead of https. This will give users on the web errors about mixed content. IIS can rewrite those responses for you without spending tons of man-hours fixing your code or bothering developers.

What this is doing is looking for any content that starts with HTTP and grabs any content after the star as a back-reference to basically plop into use in the next portion. {R:2} is that reference in the rewrite value.  I’m looking for http patterns after img, link and script tags. You can customize to your specific application.

 <rule name="Content-Rewrite" preCondition="" enabled="true" patternSyntax="Wildcard">
  <match filterByTags="Img, Link, Script" pattern="*http://*" />
   <conditions />
    <action type="Rewrite" value="https://{R:2}" />
  </rule>
  <preConditions>
  <preCondition name="http" logicalGrouping="MatchAny" patternSyntax="Wildcard">
  <add input="{RESPONSE_CONTENT_TYPE}" pattern="http:" />

Rewriting IIS Server Response Content from HTTP to HTTPS