HTTP to HTTPS Redirection for Citrix Web Interface

by Jeremy Saunders on December 26, 2008

I wrote this HTTP to HTTPS redirection script for a customer so that they were able to leave TCP port 80 open through their firewall to make the transition over to using the Citrix Secure Gateway (CSG) solution a little less confusing for their users. There were a couple fo goals I wanted to achieve with this script:

  1. I needed to write a single script that could run from “C:\Inetpub\wwwroot” and “C:\Inetpub\wwwroot\Citrix\XenApp”.
  2. I didn’t want to hardcode any customer specific information into the script to make it more universal.

This script has been fully tested with Citrix Web Interface (WI) 5.0.1 and Citrix Secure Gateway (CSG) 3.1, but can easily be adapted for previous versions.

Please read the comments within the script so that you will understand how it’s been implemented.

Save this script as default.asp

<%@ Language=VBScript %>
<%Option Explicit %>
<%

' This asp script is used to redirect HTTP to HTTPS, specifically written for Citrix
' Secure Gateway 3.1 and Web Interface 5.0.1.
'
' This allows us to leave port 80 open on the Internet facing firewall so that users
' do not need to remember to type https in the URL address.
'
' Place a copy of this in the root of the Default Web Site, typically C:\Inetpub\wwwroot,
' and another copy in the Web Interface Site, typically C:\Inetpub\wwwroot\Citrix\XenApp.
' Add a default document of default.asp to both sites, and move the default.asp script to
' the top of the list.
'
' If your Web Interface instance is something other than "XenApp", you will need to
' change the strWebInterfaceSiteName variable below.

' Release 1.0 by Jeremy@jhouseconsulting.com on 23rd December 2008.

Dim strWebInterfaceSiteName, strCurrentURL, strNewURL, strHost

strWebInterfaceSiteName = "XenApp"
strCurrentURL = Request.ServerVariables("URL")

If instr(1,strCurrentURL,strWebInterfaceSiteName,1) > 0 Then
' Perform a case insensitive string comparison to manipulate the URL
  strNewURL = replace(strCurrentURL,"default.asp","default.htm", 1, -1, 1)
Else
  strNewURL = "/WebInterface.htm"
End If

' I found that both "HTTP_HOST" and "SERVER_NAME" were returning "localhost" after
' the redirection, so we use "HTTP_X_FORWARDED_SERVER" instead.
IF Request.ServerVariables("HTTP_HOST")="localhost" Then
  If Request.ServerVariables("SERVER_NAME") = "localhost" Then
    strHost = Request.ServerVariables("HTTP_X_FORWARDED_SERVER")
  Else
    strHost = Request.ServerVariables("SERVER_NAME")
  End If
Else
  strHost = Request.ServerVariables("HTTP_HOST")
End If

If Request.ServerVariables("HTTPS")  = "off" Then
  Response.Write("Redirecting to https://" & strHost & strNewURL)
  Response.Redirect("https://" & strHost & strNewURL)
Else
  Response.Write("Transferring processing over to " & strNewURL)
  Server.Transfer(strNewURL)
End If

%>

Enjoy!!!

Jeremy Saunders

Jeremy Saunders

Independent Consultant | Contractor | Microsoft & Citrix Specialist | Desktop Virtualization Specialist at J House Consulting
Jeremy is a highly respected, IT Professional, with over 30 years’ experience in the industry. He is an independent IT consultant providing expertise to enterprise, corporate, higher education and government clients. His skill set, high ethical standards, integrity, morals and attention to detail, coupled with his friendly nature and exceptional design and problem solving skills, makes him one of the most highly respected and sought after Microsoft and Citrix technical resources in Australia. His alignment with industry and vendor best practices puts him amongst the leaders of his field.
Jeremy Saunders
Jeremy Saunders
Jeremy Saunders

Previous post:

Next post: