Forum Discussion
Kai_Wilke
Feb 03, 2016MVP
Hi Sai,
this is the iRule i was refering to...
when HTTP_RESPONSE {
foreach mycookie [HTTP::cookie names] {
HTTP::cookie secure $mycookie enable
HTTP::cookie httponly $mycookie enable
}
}
Note: The backend doesn't have to deal with those additional flags. Those flags are only send to the client to instruct the browser how to protect the cookie. But it has still the potential to break your application in the case you're not using HTTPS to access the application (Secure flag) or if your Application uses JScript or other client side features to read the cookie values (HttpOnly flag).
Cheers, Kai