Forum Discussion
NimbostratusiRule redirect with cookie removal
Hello DevCentral community,
I've a question for you, is possible to remove a cookie on a HTTP::respond 302 redirect ?
Like: if i click on the logout URI , i need to redirect to the homepage and delete the cookie
Thanks in advance,
Best Regards
M.
3 Replies
StephanMantheyNacreous
Hi MDPF52,
you can remove a cookie from a redirect received from a pool member.
But the client may still have a cookie stored in his browser cache and send it with a new request to the server.
Would you please give us a bit more information about the traffic flow?
Thanks, Stephan- StephanManthey
Hi MDPF52,
from my perspective it can just be overwritten but not be deleted (here is a sample):
when RULE_INIT { set static::remove_cookie 1 } when HTTP_RESPONSE { if { $static::remove_cookie == 1 } { if { [HTTP::cookie exists APPSESSIONID] } { HTTP::cookie remove APPSESSIONID } HTTP::cookie insert name APPSESSIONID value "loggedout" path "/" domain "cookietest.lb-net.bit" version 1 } }Maybe this helps a bit. So if you test new incoming requests for the cookie and treat them according to your policies.
Make sure to lookup your broswer cache for other domain or path specific cookie from your site. Maybe they need to be overwritten specifically.
Thanks, Stephan
Michael_JenkinsCirrostratus
To add to what Stephan said, when we do things like this on a redirect, here's what my iRule generally looks like the following. Like Stephan said, you'll need to make sure you're removing the cookie with at right path (and at the right domain if you're setting domain level cookies anywhere)
when HTTP_REQUEST { ... prior code HTTP::respond 302 Location "Redirect URL" "Set-Cookie" "CookieName=deleted; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT" return }
