issues to set cookie with IE only
Hi, I'm experiencing an issue to set cookie in IE with the iRule below. Everything works fine with Firefox as the cookie is created but with IE, the user gets stuck in the redirection page and cannot access the application after retyping the URL . With my testing, I found that when cookie value is set to «1» or «true», IE refuses systematically to create a cookie, with a different value it has worked once but the not anymore. Any help would be appreciated.
Here is the iRule
when HTTP_REQUEST { if { [SSL::cipher version] eq "TLSv1" } { if { not ( [HTTP::cookie exists TLSDISABLE] ) } { set expires "28800" HTTP::respond 302 Location "; "Set-Cookie" "TLSDISABLE=good; path=/; expires=$expires; secure; httponly" } } }
Dakar,
The Expires attribute in a cookie is not supposed to be an integer.
You can check this in RFC 6265.
I haven't tested this code, but I believe it is closer to what you're looking for.
when HTTP_REQUEST { if { [SSL::cipher version] eq "TLSv1" } { if { not ( [HTTP::cookie exists TLSDISABLE] ) } { set expires [clock format [expr { [clock seconds] + 28800 } ] -format "%a, %d-%b-%Y %T GMT" -gmt 1] HTTP::respond 302 Location "http://page.abc.com/sslwarning.html" "Set-Cookie" "TLSDISABLE=good; path=/; Expires=${expires}; Secure; HttpOnly" } } }
The Expires attribute would look something like this Expires=Sat, 18-Mar-2017 05:32:54 GMT