iRule to secure flag on specific URL (Multiple URL in one VS)

Question

Hi&nbsp;We know that F5 can add secure attr in cookie from irule HTTP_RESPONSE  &lt;https://support.f5.com/csp/article/K11324&gt;but this is apply to all website in virtual server!!&nbsp;We have many URL in one virtual server. (Multi domain). ie  URL-a.example.com and URL-b.example.com have the same Virtual server&nbsp;Can we just add secure flag on cookie only when we access URL-a.example.com ?  no need to add flag when we access URL-b&nbsp;I think we need variable to check if http:host is URL-a or URL-b, but I don't know how to do it when this variable has to share on HTTP_REQUEST and HTTP_RESPONSE event on the same times.&nbsp;Thank you

spalande · Answer

You may try below. when HTTP_REQUEST {
set sflag 1
if { [class match [HTTP::host] equals secure-flag-domains] } { set sflag 0 }
return
}
&nbsp;
when HTTP_RESPONSE {
    if { $sflag == 0} { 
    foreach mycookie [HTTP::cookie names] {
    HTTP::cookie secure $mycookie enable
   }
  }
}

Forum Discussion

iRule to secure flag on specific URL (Multiple URL in one VS)

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

F5 Security Podcasts

Certifications for security professionals

API security

Ensuring Security in Continuous Integration and Continuous Deployment (CI/CD) Pipelines

Minecraft Malware, Secure AI Framework - June 4 - June 9th F5 SIRT This Week in Security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS