For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

DaveC_53879's avatar
DaveC_53879
Icon for Nimbostratus rankNimbostratus
May 06, 2011

cookie persistence sendfor: http only

Need help with cookie persistence. LTM version 9.4.6. How do I set the F5 cookie to http only?
config
design
DaveC_53879's avatar
DaveC_53879
Icon for Nimbostratus rankNimbostratus
May 12, 2011

Thanks for getting back to me. There is no change. It looks like your script needs to read the string BIGipServerAA_sessiontest_pool, with AA_sessiontest_pool as my pool for testing, but can't since it's encrypted. If I unencrypt the cookie your iRule works as expected. I tried replacing the actual name of my cookie in your script, but that didn't help.

 

 

when SERVER_CONNECTED {}

 

 

when HTTP_RESPONSE { Check if the response contains the persistence cookie if

 

 

{[HTTP::cookie cookie_sessiontest$] ne ""}{

 

 

Replace the last Set-Cookie header value with the same value and ; HttpOnly appended HTTP::header replace Set-Cookie "[HTTP::header Set-Cookie]; Http Only" } }