For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Danny_Alvarez_1's avatar
Danny_Alvarez_1
Icon for Nimbostratus rankNimbostratus
Feb 08, 2016

Adding "HTTP::cookie httponly $mycookie enable" on iRule breaks connection on an HTTPS VIP

Hi, Trying to secure cookies and apply HttpOnly flag at the same time with the following iRule: when HTTP_RESPONSE { foreach mycookie [HTTP::cookie names] { HTTP::cookie secure $mycookie enable...
application delivery
iRules
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Feb 08, 2016

Hi Danny,

it looks like an ordinary TCP connection reset. In this case you'll hopefully find some addtional information in your LTM log file. Keep an eye for TCL related errors...

To capture SSL requests/responses I could recommend to use Fiddler2. Fiddler2 is a free SSL-Inspection enabled Forward-Proxy (runs on your desktop) that lets you explore SSL protected HTTP communication. Give it a try, download and install this tool and don't forget to turn on SSL inspection within the Fiddler HTTPS Options. But i guess in your specific case Fiddler2 would also just see the connection reset?

Note: Keep in mind that the 

[HTTP::cookie httponly]
is relatively new. You have to use v11+ to use this command.

Cheers, Kai

Related Content