Forum Discussion

Nimbostratus

Nov 30, 2017

adding httponly flag in rule breaks the website

When i apply a irule on https-VIP to add httponly flag for all cookies, the site stop working. Any idea ? i_rule : when HTTP_RESPONSE { foreach mycookie [HTTP::cookie names] { HTTP::cookie http...

application delivery

LTM

eey0re_68979

Altocumulus

Dec 01, 2017

The

HttpOnly

flag on a cookie means that the cookie is not visible to any JavaScript which runs in the browser. If setting it breaks your site, then that cookie must be used by scripts on the page.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

adding httponly flag in rule breaks the website

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

ACME DNS RFC-2136 Let's Encrypt certs

MAC users unable to access Internet when on Netskope

Could not communicate with the system. Try to reload page.

F5 mssql health monitor failing

DNS Traffic from floating IP to public IP of a VIP

Related Content

APM-Specific Features for Securing Your Website

Troubeshooting website connection

F5 Websites Accessibility Survey

Release Notes: DevCentral Website

DevCentral Website Feature Mini-Survey

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS