Forum Discussion

Nimbostratus

Aug 26, 2013

How to properly insert HttpOnly and Secure cookie directives?

My load balancer has an iRule that adds the HttpOnly and Secure cookie directives. The rules is adding the directives multiple times, and in the incorrect places. How can I get the directives added c...

Nimbostratus

Oct 25, 2016

Specify the version while you are inserting the cookie and then set the httponly flag. Works with 11.5.x.

when HTTP_RESPONSE {
HTTP::cookie insert name “UserName” value “john.doe” path “/” domain “xyz.com” version 1
HTTP::cookie version “UserName” 1
HTTP::cookie httponly “UserName” enable
}

More details here:

https://guptaashish.com/2016/10/24/f5-irules-setting-the-httponly-flag-on-a-http-cookie/

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)