Forum Discussion

Nimbostratus

Feb 01, 2016

Multiple Secure and HttpOnly attributes seen for cookie

Hi, I ran a curl command from a linux machine to a URL (on https) which is hosted on our BIG IP LTM. This virtual server has been set to add Secure, HttpOnly attributes to the cookie. However, I s...

Nimbostratus

Feb 01, 2016

Hi Kai, Below is the configured iRule: when HTTP_RESPONSE { set unsafe_cookie_headers [HTTP::header values "Set-Cookie"] HTTP::header remove "Set-Cookie" foreach set_cookie_header $unsafe_cookie_headers { HTTP::header insert "Set-Cookie" "${set_cookie_header}; Secure; HttpOnly" } }

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Multiple Secure and HttpOnly attributes seen for cookie

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Kubernetes cert-manager + LetsEncrypt + F5

ACME DNS RFC-2136 Let's Encrypt certs

MAC users unable to access Internet when on Netskope

Could not communicate with the system. Try to reload page.

F5 mssql health monitor failing

Related Content

Multiple value seperator in saml Attribute

Using n8n To Orchestrate Multiple Agents

How to add Httponly and Secure attributes to HTTP cookies (for 11.5.x)

AD Authentication using multiple user attributes

Lightboard Lessons: HTTP Cookie SameSite Attribute

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS