Forum Discussion

Sumit_sam_14525

Nimbostratus

May 30, 2014

How to set HTTPOnly in cookie when HTTP::response & make the session persist on that cookie

I need to insert secure cookie in HTTP:response and then make session persist on that cookie. Any Ideas !!

Sumit_sam_14525

Nimbostratus

Jun 05, 2014

For everyone's reference, I've fixed the issue with following irule.

when HTTP_RESPONSE { HTTP::cookie secure "JSESSIONID" enable set ck [HTTP::header values "Set-Cookie"] HTTP::header remove "Set-Cookie" foreach acookie $ck { if {$acookie starts_with "JSESSIONID"} { HTTP::header insert "Set-Cookie" "${acookie}; HttpOnly" } else { HTTP::header insert "Set-Cookie" "${acookie}; HttpOnly" } } }

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

How to set HTTPOnly in cookie when HTTP::response & make the session persist on that cookie

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Terraform LTM provider - ICMP disabled on resulting VIPs

Need to make 2 Virtual Appliance in r4600 F5

Disabling signature for a URL

XC - geo LB to the origin servers

F5 LACP

Related Content

MCP Session Affinity With F5 NGINX Plus

Rewrite http:// to https:// in response content

iRule to take cookie from HTTP Response into HTTP Request via table

LTM HTTP Profile Option: Response Chunking

Log Tcp And Http Request Response Info

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS