Robert_47833
Aug 22, 2012Altostratus
set HTTPOnly in cookie
how to set HTTPOnly in cookie when HTTP::response?
- e.g.
[root@ve10:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.79:80 ip protocol 6 rules myrule profiles { http {} tcp {} } } [root@ve10:Active] config b pool foo list pool foo { members 200.200.200.101:80 {} } [root@ve10:Active] config b rule myrule list rule myrule { when HTTP_RESPONSE { set ck [HTTP::header values "Set-Cookie"] HTTP::header remove "Set-Cookie" foreach acookie $ck { if {$acookie starts_with "BBB"} { HTTP::header insert "Set-Cookie" "${acookie}; HttpOnly" } else { HTTP::header insert "Set-Cookie" "$acookie" } } } } response from server [root@ve10:Active] config curl -I http://200.200.200.101 HTTP/1.1 200 OK Date: Wed, 22 Aug 2012 08:04:21 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT ETag: "4183e4-3e-9c564780" Accept-Ranges: bytes Content-Length: 62 Set-Cookie: AAA=1111; path=/ Set-Cookie: BBB=2222; path=/ Set-Cookie: CCC=1234; path=/ Content-Type: text/html; charset=UTF-8 via bigip [root@ve10:Active] config curl -I http://172.28.19.79 HTTP/1.1 200 OK Date: Wed, 22 Aug 2012 08:04:28 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT ETag: "4183e4-3e-9c564780" Accept-Ranges: bytes Content-Length: 62 Content-Type: text/html; charset=UTF-8 Set-Cookie: AAA=1111; path=/ Set-Cookie: BBB=2222; path=/; HttpOnly Set-Cookie: CCC=1234; path=/