Forum Discussion
Robert_47833 (Altostratus)
Aug 22, 2012
set HTTPOnly in cookie
how to set HTTPOnly in cookie when HTTP::response?
- nitass (Employee): have you tried this?
- Robert_47833 (Altostratus): hello, Nitass
- nitass (Employee): when saying HTTP::response, what do you mean? do you craft http response yourself e.g. HTTP::respond command?
- Robert_47833 (Altostratus): yes, HTTP_RESPONSE event
- nitass (Employee): e.g.

```
[root@ve10:Active] config b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve10:Active] config b pool foo list
pool foo {
   members 200.200.200.101:80 {}
}
[root@ve10:Active] config b rule myrule list
rule myrule {
   when HTTP_RESPONSE {
      set ck [HTTP::header values "Set-Cookie"]
      HTTP::header remove "Set-Cookie"

      foreach acookie $ck {
         if {$acookie starts_with "BBB"} {
            HTTP::header insert "Set-Cookie" "${acookie}; HttpOnly"
         } else {
            HTTP::header insert "Set-Cookie" "$acookie"
         }
      }
   }
}
```

response from server

```
[root@ve10:Active] config curl -I http://200.200.200.101
HTTP/1.1 200 OK
Date: Wed, 22 Aug 2012 08:04:21 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT
ETag: "4183e4-3e-9c564780"
Accept-Ranges: bytes
Content-Length: 62
Set-Cookie: AAA=1111; path=/
Set-Cookie: BBB=2222; path=/
Set-Cookie: CCC=1234; path=/
Content-Type: text/html; charset=UTF-8
```

via bigip

```
[root@ve10:Active] config curl -I http://172.28.19.79
HTTP/1.1 200 OK
Date: Wed, 22 Aug 2012 08:04:28 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT
ETag: "4183e4-3e-9c564780"
Accept-Ranges: bytes
Content-Length: 62
Content-Type: text/html; charset=UTF-8
Set-Cookie: AAA=1111; path=/
Set-Cookie: BBB=2222; path=/; HttpOnly
Set-Cookie: CCC=1234; path=/
```
- Yeah, it really works. Thanks.
- Robert_47833 (Altostratus): hello, Nitass
- nitass (Employee): e.g.

```
[root@ve10:Active] config b rule myrule list
rule myrule {
   when HTTP_RESPONSE {
      set ck [HTTP::header values "Set-Cookie"]
      HTTP::header remove "Set-Cookie"

      foreach acookie $ck {
         if {$acookie starts_with "BBB"} {
            HTTP::header insert "Set-Cookie" "${acookie}; HttpOnly"
         } else {
            HTTP::header insert "Set-Cookie" "$acookie"
         }
      }

      HTTP::cookie secure "BBB" enable
      HTTP::cookie secure "CCC" enable
      HTTP::cookie secure "XYZ" enable
   }
}
[root@ve10:Active] config curl -I http://172.28.19.79
HTTP/1.1 200 OK
Date: Wed, 22 Aug 2012 10:01:00 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT
ETag: "4183e4-3e-9c564780"
Accept-Ranges: bytes
Content-Length: 62
Content-Type: text/html; charset=UTF-8
Set-Cookie: AAA=1111; path=/
Set-Cookie: BBB=2222;secure; path=/; HttpOnly
Set-Cookie: CCC=1234;secure; path=/
```
- Robert_47833 (Altostratus): hmm, I see
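
A stricter variant of the rule discussed in this thread, as an added example that is not code from any of the thread's participants: it matches cookie names exactly instead of by prefix on the raw header, and it only appends attributes the server has not already set. The `protected` and `required` lists are assumptions for illustration; BBB and CCC are the sample cookie names from the thread.

```tcl
when HTTP_RESPONSE {
    # Assumption: names of the cookies to protect (sample names from this thread).
    set protected [list BBB CCC]
    # Attributes to enforce. Browsers return Secure cookies only over HTTPS,
    # so keep "Secure" in this list only on a TLS virtual server.
    set required [list HttpOnly Secure]

    # Same approach as the posted rule: read every Set-Cookie header,
    # remove them all, then re-insert each one (modified or not).
    set cookies [HTTP::header values "Set-Cookie"]
    HTTP::header remove "Set-Cookie"

    foreach cookie $cookies {
        # The cookie name is everything before the first "=". Comparing it
        # exactly keeps "BBB" from also matching a cookie named "BBBX".
        set eq [string first "=" $cookie]
        if {$eq < 0} {
            set name ""
        } else {
            set name [string trim [string range $cookie 0 [expr {$eq - 1}]]]
        }

        if {[lsearch -exact $protected $name] >= 0} {
            # Collect the attributes already present, lowercased, so that
            # "httponly" or "SECURE" from the server is not added twice.
            set present [list]
            foreach attr [lrange [split $cookie ";"] 1 end] {
                lappend present [string tolower [string trim $attr]]
            }
            foreach flag $required {
                if {[lsearch -exact $present [string tolower $flag]] < 0} {
                    append cookie "; $flag"
                }
            }
        }

        # Unprotected cookies pass through unchanged.
        HTTP::header insert "Set-Cookie" $cookie
    }
}
```

The result can be checked the same way as in the thread, by comparing `curl -I` against the pool member and against the virtual server.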