F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Chris_Paulraj_1's avatar
Chris_Paulraj_1
Icon for Nimbostratus rankNimbostratus
17 years ago

Could someone shed light on "Modified Domain Cookie" violations?

I need some help in understanding the modified cookie domain violation. Does ASM report it when a cookie gets modified at the client side (browser)? and does it also report when a cookie gets updated ...
app sec
BIG-IP Access Policy Manager (APM)
security
Chris_Paulraj_1's avatar
Chris_Paulraj_1
Icon for Nimbostratus rankNimbostratus
16 years ago
Thank you Javier, You are right on, we do see those violations. Does it also flag when the protocol is switched? We get Bigip affinity cookie from our public site using HTTP and when we switch to HTTPS at the time of login, it is flagging both affinity cookies with Modified Domain cookies violation. (two different pools - one for HTTP and one for HTTPS)

 

 

thanks again

 

Chris