For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ScottTS's avatar
ScottTS
Icon for Nimbostratus rankNimbostratus
Oct 01, 2013

Issue seeing session cookie in subsequent requests after being inserted using irule.

Greetings. A vendor requested that we deploy this irule for the purpose of associating connections to the same session so that they can be replayed appropriately with their tool. The irule came from ...
application delivery
deployment
design
devops
iRules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Oct 02, 2013

You mentioned:

 

I see the cookies, TLTSID and TLTUID being inserted by the LTM on the response and being received by the client workstation. However, i do not see the TLTSID and TLTUID cookies being sent on subsequent GET requests from the client

 

which tells me that this is a client side issue. If the cookies are being sent to the browser, but the browser doesn't send them back, you can generally infer that there's probably either something wrong with the cookie, or some attribute of the cookie (path, domain, expiration, secure, httponly) that is causing the browser to not send it back. The domain attribute immediately stands out in your code. If you're setting a domain attribute in the cookie, and the browser isn't requesting something from that domain, it simply won't send back the cookie.