Forum Discussion

Nimbostratus

Jan 31, 2019

HTTPOnly and Secure flags - Secure Logon

Hi everybody, I am not an expert on F5 and trying to get more knowledge. I would like to add few Security atttibutes, in the HTTP Header. I know that we can use the iRule and write something, bu...

Noctilucent

Jan 31, 2019

Cookie and path can be secured. Have you check any cookie value is setup i.e.

BIGIPCKIE

Below iRule can help to solve issue.

    when HTTP_RESPONSE {
    foreach x [HTTP::cookie names] {
    if { $x equals "BIGIPCKIE" } {
        continue
    }
    set ckname $x
    set ckvalue [HTTP::cookie value $x] 
    set ckpath [HTTP::cookie $x path]
    HTTP::cookie remove $x
    HTTP::cookie insert name $ckname value $ckvalue path $ckpath version 1
    HTTP::cookie secure $ckname enable
    HTTP::cookie httponly $ckname enable
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)