Forum Discussion
dipta_03_149731
Nimbostratus
NimbostratusHow to write an Irule to delete session cookies so that we can enhnace security level.
We have few admin URLs that we dont want to be accessed by a 3rd person after we logout from the application. So can we write an Irule to " set all cookies to expired state".
dipta_03_149731Nimbostratus
NimbostratusThanks for responding Hannes..
Yes I would want to delete all session cookies whatever got established during a session . And this should work in all browsers be it IE or Chrome. Right now after we click on logout page we see a 302 redirect to page for instance. So what I want to do is:
Browser
GET /logout
VIP response
Set all cookies to expired
Hannes_Rapp"Right now after we click on logout page we see a 302 redirect to https://xxx/logout page for instance". Seems like you can give it a try then, this iRule will let '/logout.php' request reach the end-server, and upon response, it will append Set-Cookie HTTP headers to the original response to make the client cookies expire. You do not need to force a HTTP response from F5 which would intercept the application response.
