Forum Discussion

Dave_Burnett_20's avatar
Dave_Burnett_20
Icon for Nimbostratus rankNimbostratus
Nov 10, 2008

Modified Domain Cookie blocking

We have recently installed a pair of F56400s (v9.4.3) in front of our website with ASM in blocking mode.     Despite the fact that our Website only utilises a handful of cookies (all confi...
app sec
BIG-IP Access Policy Manager (APM)
security
AllynCarter_377's avatar
AllynCarter_377
Icon for Nimbostratus rankNimbostratus
Apr 29, 2009
I am seeing similar problems to those being described here. We receive numerous cookies, which I believe get added by the client's web proxy. One example of this is "BCSI-CS0A84E644", which I believe originates from a BlueCoat proxy. I think it's poor form of these proxies to add a cookie, but I have to work around it. Ideally, I would like to allow all cookies that start with BCSI, but I can't find a way to do that.

 

I could add an iRule to delete all such cookies, but I am concerned about how the proxy will behave if the response does not contain its cookie. I suppose it might be possible to strip the cookie when recieved and then re-attach it when sending the response, but that's starting to sound like a complex solution.

 

Any suggestions?