Set Cookie SameSite = None

Question

Hello Cool People.&nbsp;I'm fairly new to F5 and was wondering if there is an easy way to set the SameSite Cookie attribute to "None". I did look at the F5 irule article and don't quite understand the code as its too long.  The goal was just to set SameSite = None for our site that goes trough f5.  We have version 11 and was looking at this article https://github.com/f5devcentral/irules-toolbox/blob/master/security/http/cookies/samesite-attributes-pre-v12.tcl. Does  this good to go by just  making an irule  with this entry and set it to our pool or are there any adjustments needed for our environment? Appreciate any response.&nbsp;Best, &nbsp;&nbsp;

lorenze · Answer

Tried creating an irule  with the following entry but all doesnt seem to address the issue:when HTTP_RESPONSE {
	set COOKIE_VAL [HTTP::header values "Set-Cookie"]
	HTTP::header remove "Set-Cookie"
 
	foreach COOKIE_NAME $COOKIE_VAL {
		HTTP::header insert "Set-Cookie" "${COOKIE_NAME}; SameSite=none"
                HTTP::cookie secure ${COOKIE_NAME} enable
	}
}when HTTP_RESPONSE {
&nbsp;
        HTTP::header replace Set-Cookie "[HTTP::header Set-Cookie]; HttpOnly;SameSite=none; Secure"
&nbsp;
&nbsp;
&nbsp;
  }Appreciate any response. Thank You!

ivan_chernenkii · Answer

Please take look here - https://support.f5.com/csp/article/K03346798&nbsp;Thanks, Ivan

Forum Discussion

Set Cookie SameSite = None

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Add SameSite attribute to APM Cookies

Lightboard Lessons: HTTP Cookie SameSite Attribute

HTTP cookie SameSite: test detection of browsers with incompatible SameSite=None handling

Set the SameSite Attribute for LTM Persistence Cookies

Set the SameSite Cookie Attribute for Web Application and BIG-IP Module Cookies

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS