For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

PiotrL's avatar
PiotrL
Icon for Cirrus rankCirrus
May 29, 2017

Secure cookie from a specified pool

I'd like to add the secure attribute for JSESSIONID cookie, that comes from the specified pool. Can I do this as follows ?

when HTTP_RESPONSE {
if {[LB::server pool] equals "xyz_pool"}{
HTTP::cookie secure "JSESSIONID" enable
 }
}
application delivery
BIG-IP
iRules
secure cookie

1 Reply

  • cjunior's avatar
    cjunior
    Icon for Nacreous rankNacreous
    May 29, 2017

    Hello, Try changing the comparison operator (contains, ends_with), like this:

    when HTTP_RESPONSE {
    if { [LB::server pool] ends_with "xyz_pool" } {
        HTTP::cookie secure "JSESSIONID" enable
    }
}

    Or you can try like this:

    when HTTP_RESPONSE {
    if { [LB::server pool] equals "/Commom/xyz_pool" } {
        HTTP::cookie secure "JSESSIONID" enable
    }
}

    Because the statement "[LB::server pool]" aggregate partitions name in your result.

    Regards.