Forum Discussion

Cirrus

Feb 12, 2014

Maximum length/legal characters for JSESSIONID cookie

My setup is using JSESSIONID persistence to load-balance a weblogic application, and the JSESSIONID values they send to the client are quite convoluted: JSESSIONID=4k97S6kYZcX0LpD5tLLSC54yy9y2fzrtz...

Employee

Feb 12, 2014

While there is no prescribed standard limit for cookie sizes, RFC 6265 recommends that a "user-agent" should at least be able to handle 4096 bytes per cookie. Hopefully you don't have cookies that big, but nonetheless it's nothing that the BIG-IP persistence table can't handle. I'd also add that the example JSESSIONID value that you've provided is not uncommonly long.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Maximum length/legal characters for JSESSIONID cookie

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Weblogic JSessionID Persistence

Weblogic JSessionID Persistence for Session Replication

Character Length for Object Names

Persist On Last JSESSIONID in HTTP Parameter

Sanitize special characters in AD groups names

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS