Forum Discussion

Shawn_Puckett_8's avatar
Shawn_Puckett_8
Icon for Nimbostratus rankNimbostratus
Jul 09, 2007

Secure Tag for Mutliple Set-Cookies

I’m looking some help with an iRule that would loop through all my Set-Cookie headers in each http::response and set the secure tag on all cookies.

 

 

I’ve used the code from http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=12199&view=topic

 

but it does not set secure on all the cookies unless they are in a single multipart Set-Cookie header, which mine are multiple Set-Cookies so with that code only the last one of the Set-Cookie headers is set.

 

 

With the code from that post I see this:

 

Set-Cookie: UserName=jdoe; path=/; HttpOnly

 

Set-Cookie: .ASPXAUTH=259AE6492D3; path=/; HttpOnly; Secure

 

 

Any help would be great as we have a customer that is upset and wants a fix as soon as possible.

 

 

Thanks in advance!

 

Shawn
application delivery
dev
devops
iRules
  • Deb_Allen_18's avatar
    Deb_Allen_18
    Historic F5 Account
    Jul 09, 2007
    You can loop through headers of the same name using the approach detailed (by yours truly) near the end of this thread: Click here

     

     

    HTH

     

    /deb
  • Shawn_Puckett_8's avatar
    Shawn_Puckett_8
    Icon for Nimbostratus rankNimbostratus
    Jul 09, 2007
    Thanks.

    I just ended up doing this:

    
when HTTP_RESPONSE {
   set myValues [HTTP::cookie names]
   foreach mycookies $myValues {
      HTTP::cookie secure $mycookies enable
   }
}

    Which seems to work.

    Thanks,

    Shawn