Forum Discussion
iRule to rewrite cookie domain to toplevel domain
- Mar 18, 2016
Finally I was able to set the cookie domain to toplevel by using the following iRule. Cookies are set to toplevel domain now by using HTTP::host and comparing directly with the domain values I have. What do you think about the following iRule? Any flaws?
when HTTP_REQUEST { log local0. "Cookie names in received request: [HTTP::cookie names] from IP: [IP::local_addr]" set httphost [HTTP::host] } when HTTP_RESPONSE { foreach mycookie [HTTP::cookie names] { log local0. "Host : $httphost" if { $httphost ends_with ".abc.com" } { HTTP::cookie domain $mycookie ".abc.com" } elseif { $httphost ends_with ".abbc.com" } { HTTP::cookie domain $mycookie ".abbc.com" } else { log local0. "Not a single cookie domain matched :" } } }
I think he could not use such iRules HTTP functions if he did not had http profile applied, but better if DJDX21 can confirm that point, and good point pointing with eventual HTTPS.
DJDX21, according to your example, you have entered:
set b ".abbc.local"
instead of:
set b ".abbc.com"
Likely, if your problem does not come from missing http or ssl client profiles, your if statements most probably never match. You can simply check that with logging like for instance:
when HTTP_REQUEST {
log local0. "Cookie names in received request: [HTTP::cookie names] from IP: [IP::local_addr]"
}
when HTTP_RESPONSE {
set a ".abc.com"
set b ".abbc.com"
foreach mycookie [HTTP::cookie names] {
set cookieDomain [HTTP::cookie domain $mycookie]
if { $cookieDomain contains $a } {
log local0. "Cookie domain matched: $a"
HTTP::cookie domain $mycookie $a
}
elseif { $cookieDomain contains $b } {
log local0. "Cookie domain matched: $a"
HTTP::cookie domain $mycookie $b
}
else {
log local0. "Not a single cookie domain matched :/"
}
}
}
Note I did not test this iRule on real traffic but only validates the compilation on a VM.
Good luck
- DJDX21_252164Mar 17, 2016CirrusThanks will try logging and yes I have profile attached and HTTPS enabled. Thanks!
- DJDX21_252164Mar 17, 2016Cirrus@Sylvain. Thanks for the advice I tried logging and it seems "Not a single cookie domain matched :\" But it should match because when for only abc.com works. when HTTP_RESPONSE { foreach mycookie [HTTP::cookie names] { HTTP::cookie domain $mycookie ".abc.com" } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com