Forum Discussion
BT_90520
Jun 12, 2012
Nimbostratus
If you take a look at the ASM policy > Blocking > Settings, those violations are alerted when you enable them under the option "Modified domain cookie(s)", or even subsequently for the other cookie violations "ASM Cookie Hijacking" and "Modified ASM cookie". Importantly, they are triggered as you configured in Headers : Cookies : Cookies. There are two types of cookie which will trigger the violation, especially the Enforced cookie:
a) Enforced cookies - may not be changed by the client
b) Allowed cookies - may be changed by the client.
As for the extra msg, OWASP has good info on Session Management Schema. Cookie manipulation is a key component for bypass and tamper. Not sure if this is what you are expecting though: https://www.owasp.org/index.php/Testing_for_Session_Management_Schema_(OWASP-SM-001)