Forum Discussion

Nimbostratus

Nov 22, 2016

ASM | Too many cookies in the request

Hi I am getting some (what i believe to be) legit requests blocked by ASM. The violation is 'Modified domain cookie(s) , but when i click it to get more info on the violation i get; Too many...

Cirrocumulus

Nov 23, 2016

I believe that ASM will detect this as a violation because this condition (55 cookies with the same name/different values) actually breaks the RFC standard for cookies.

RFC6265 states:

"Servers SHOULD NOT include more than one Set-Cookie header field in the same response with the same cookie-name"

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM | Too many cookies in the request

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

iRule to take cookie from HTTP Response into HTTP Request via table

Cookie-based DDoS protection

Delete Cookie From Request By Regex

Encrypting Cookies

2. SYN Cookie: Operation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS