Forum Discussion

Altocumulus

Jun 14, 2024

Cookie insert via http:redirect - can it be configured "secure"?

Using slightly changed example from DevCentral I am able to insert cookie on http redirect when CLIENT_ACCEPTED { set cookie [format "orig_lang=french; path=/; domain=client.com"] } w...

irule cookie redirect secure

Dmitriy_Tiper

Altocumulus

Jun 17, 2024

I did try iRule in my initial question and it works in terms of insertion of a cookie. May be I was unclear in what I am asking :) Yes, I am asking "how" - i.e. iRule syntax to allow this cookie also to be secure and httponly.

boneyard
MVP
Jun 17, 2024
Add this to your cookie string (set cookie ...) and you should be ok:

; secure; HttpOnly

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Cookie insert via http:redirect - can it be configured "secure"?

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

F5 Partner Solution Showcase - "ImmuniWeb - Application Security Testing and Remediation"

How I did it - "Securing NVIDIA’s Morpheus AI Framework with NGINX Plus Ingress Controller”

How I did it - "Securing Nvidia Triton Inference Server with NGINX Plus Ingress Controller”

LockBit, Pwc2Own, AI, "Othello is solved" Oct30th to Nov5th, 2023 F5 SIRT This Week in Security

Missing TABs in "Application Security" BIG-IP 17.1.1.3 - BIG-IP 15.1.7

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS