F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Dec 14, 2007

Manipulating a decrypted cookie value using HTTP::cookie decrypt

Hi,     I'm running into an issue on 9.2.4 when trying to get and potentially manipulate the unencrypted value of a cookie. I encrypt the cookie sent in the response using HTTP::cookie encrypt ...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jan 07, 2008
Hi pchang,

 

 

I finally had time to retest this and see what you mean. I could have sworn that I was seeing the response modified using HTTP::cookie encrypt, without explicitly setting the value of the cookie to the encrypted string. Odd. Anyhow, thanks for the pointer.

 

 

I might submit an RFE to see if the values could be modified in place, instead of having to explicitly set the value of the cookie to the encrypted/decrypted string. As it is, there doesn't seem to be any significant advantage to using HTTP::cookie encrypt/decrypt compared with the AES encrypt/decrypt commands.

 

 

Aaron