Forum Discussion

Nimbostratus

Aug 06, 2018

jsessionid

I thought we had a solution (I was wrong). Appearently when you use ZAP or other header scanners they will find the JSESSIONID. I found the HTML code I need but would rather do it in the F5. The c...

Cumulonimbus

Aug 06, 2018

Little confused on what you are trying to do but with an iRule you can do the following to remove the JSESSIONID cookie in the response:

when HTTP_RESPONSE {
  HTTP::cookie remove JSESSIONID
}

Would this not break the backend application as remove the session state between the client and the backend?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

jsessionid

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

shame on f5

Dynamic import of data groups

ASM allow specific url from outside country of geolocation ON

AWAF Detection Inconsistency Between Similar Test Payloads

version 21.1 ACME setup for certificate renewal with Digicert

Related Content

Weblogic JSessionID Persistence

Weblogic JSessionID Persistence for Session Replication

JsessionIDによるパーシステンスiRule

Persist On Last JSESSIONID in HTTP Parameter

Weblogic JSESSIONID Persistence BIG-IP v4

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS