Forum Discussion

Altostratus

Dec 07, 2021

Issues with cookies persistence

Need help on below issues: Seeing "Sensitive Cookie with Improper or Insecure or Missing SameSite Attribute" message, when user is generating report from F5 url. Currently: Default cookie...

Noctilucent

Apr 01, 2022

Hello Rishi.

Take into account that cookie persistence by default inserts a new cookie in the HTTP request.

If your app has specific restrictions to protect against CSRF, that would raise some of those messages.

Check the SameSite condition.
https://cwe.mitre.org/data/definitions/1275.html

Maybe, in your case, a "SameSite=Lax" condition is needed

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Issues with cookies persistence

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

How OneConnect Profile works with Cookie Persistence

Decoding the IPv4 address from the persistence cookie

F5 XC – Persistence and Resiliency pt. I (persistence)

Persistence Cookie Logger

Persistence Cookie Logging

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS