For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chris_Paulraj_1's avatar
Chris_Paulraj_1
Icon for Nimbostratus rankNimbostratus
Jan 20, 2009

Could someone shed light on "Modified Domain Cookie" violations?

I need some help in understanding the modified cookie domain violation. Does ASM report it when a cookie gets modified at the client side (browser)? and does it also report when a cookie gets updated ...
app sec
BIG-IP Access Policy Manager (APM)
security
Javier_Checa_41's avatar
Javier_Checa_41
Icon for Nimbostratus rankNimbostratus
Jan 27, 2009
Hello cpaulrag,

 

 

I guess you already have tried this.. but.. have you checked from which domain the cookie is set.

 

 

Browsers do allow cookies for the domain you are browsing and for higher domains. For example: if you are browsing for devcentral.f5.com , your browser will allow setting and viewing cookies for the domain devcentral.f5.com and also, cookies for the domain f5.com .

 

 

However, F5 ASM only allow cookies from the same exactly domain. If you are browsing devcentral.f5.com , it won't allow you to use f5.com domain cookies and it will trigger the "Modified Domain Cookies".

 

 

regards,

 

Javier.