F5 iRule to Secure Cookie with HTTPOnly and Secure but not contains cookie name="cnlfsid"

Question

Hi,
We need to Secure Cookie with HTTPOnly and Secure but not contains a cookie name ="cnlfsid"&nbsp;
Here is my code:&nbsp;
when HTTP_RESPONSE {   &nbsp;
   foreach x [HTTP::cookie names] {     &nbsp;
           set ckname $x
           set ckvalue [HTTP::cookie value $x]
           set ckpath [HTTP::cookie value path]&nbsp;
            if{!($ckname equals "cnlfsid")} {
                    HTTP::cookie remove $x
                    HTTP::cookie insert name $ckname value $ckvalue path $ckpath version 1
                    HTTP::cookie secure $ckname enable
                    HTTP::cookie httponly $ckname enable    
            }
}

}&nbsp;
but it can't work. Can someone help me to fix it.&nbsp;
Many thanks&nbsp;

jg · Answer

Try this modified version:
when HTTP_RESPONSE {
    foreach x [HTTP::cookie names] {
        if { $x equals "cnlfsid" } {
            continue
        }
        set ckname $x
        set ckvalue [HTTP::cookie value $x] 
        set ckpath [HTTP::cookie $x path]
        HTTP::cookie remove $x
        HTTP::cookie insert name $ckname value $ckvalue path $ckpath version 1
        HTTP::cookie secure $ckname enable
        HTTP::cookie httponly $ckname enable
    }
}

.

Forum Discussion

F5 iRule to Secure Cookie with HTTPOnly and Secure but not contains cookie name="cnlfsid"

Recent Discussions

Need Urgent BIGIP Trial License and VM Image

APM for banner and cert

How to Renew F5 Device Certificate

UCS backup not loading Big IP DNS pool

XC Bot defense question

Related Content

Knowledge sharing: Containers, Kubernetes, Openshift, F5 Container Connector, NGINX Ingress

Deploying F5 NGINX Plus Graviton-powered Containers as AWS ECS Fargate Tasks

Scale Multi-Cluster OpenShift Deployments with F5 Container Ingress Services

Run Advanced Containers like OPSWAT Content Scrubbing Directly On F5 Distributed Cloud Nodes

Scaling Containers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS