Forum Discussion

PiotrL's avatar
PiotrL
Icon for Cirrus rankCirrus
Oct 03, 2019

ASM cookie, modifying "domain" field

Is it possible to modify "domain" field in the ASM cookie ? As it appears ASM is using a hostname from http header, unfortunately the host is replaced to an internal hostname (required by an app) i...
ASM Advanced WAF
asm ts cookie
cookie
Andrew-F5's avatar
Andrew-F5
Icon for Employee rankEmployee
Nov 06, 2019

Unfortunately this isn't a configurable option yet within ASM but it is a feature that has been requested.

You would have to modify the cookie via iRule to get the result you want.

== Sample iRule ==

when RULE_INIT {
  # Cookie name prefix
  set static::ck_pattern "TS*"
 
  # Log debug to /var/log/ltm? 1=yes, 0=no
  set static::ck_debug 1
}
 
when HTTP_REQUEST {
  set incoming_domain [HTTP::host]
  if {$static::ck_debug}{log local0. "incoming domain name: [HTTP::host]"}
}
 
when HTTP_RESPONSE_RELEASE {
  if {$static::ck_debug}{log local0. "Cookie names: [HTTP::cookie names]"}
  # Check if the cookie names in the response match our string glob pattern
  if {[set cookie_names [lsearch -all -inline [HTTP::cookie names] $static::ck_pattern]] ne ""}{
    # We have at least one match so loop through the cookie(s) by name
    if {$static::ck_debug}{log local0. "Matching cookie names: [HTTP::cookie names]"}
    foreach cookie_name $cookie_names {
      HTTP::cookie attribute $cookie_name remove domain
      HTTP::cookie attribute $cookie_name insert " Domain" ".$incoming_domain"
    }
  }
  if {$static::ck_debug}{log local0. "Cookie header(s): [HTTP::header values Set-Cookie]"}
}
  • Sanket-9968's avatar
    Sanket-9968
    Icon for Nimbostratus rankNimbostratus
    May 07, 2024

    Thanks Andrew
    Is the configurable option within ASM is available now? I am using 16.1.4 image and need to modify the domain name set in the ASM cookie.