Forum Discussion

Nimbostratus

Apr 12, 2010

Cookies - HttpOnly, Secure and ASM

Hi, I'm trying to use the iRule code below in our HTTP_RESPONSE event to ensure that the secure flag is enabled on all our outgoing Set-Cookie's. foreach a_cookie [HTTP::coo...

Nimbostratus

Apr 14, 2010

Thanks for the reply Aaron.

I'll chat to support about better support for post-ASM iRule events. I agree - VS sandwich's are painful to scale, especially across the number of sites I need to handle this on.

Regards,

Mark.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Cookies - HttpOnly, Secure and ASM

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

How to Verify config before loading to F5

Logical Disk Full to Migrate rSeries

HSL - Local TimeZone - in syslog server

VIP control across data centers - how to ensure only 1 VIP is up at a time?

Related Content

Increased Security With First Party Cookies

Quarterly Security Notification October 2025

How to add Httponly and Secure attributes to HTTP cookies (for 11.5.x)

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

Deploying the F5 AI Security Certified OpenShift Operator: A Validated Playbook

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS