Forum Discussion
Setting Cookie "HttpOnly" flag and Expires on Redirect and response
I have a requirement to both set a cookie on redirect and insert a cookie on response (at different points within my rule logic).
Both cookies will have the same content and need to have an expiry of 1 hour and have the HttpOnly flag set.
I have had an inordinate amount of trouble getting this to work on 10.2. It seems it's easy to set a cookie on response:
HTTP::cookie insert name $static::COOKIE_NAME value $COOKIE_VALUE path "/" domain $static::COOKIE_DOMAIN
HTTP::cookie expires $static::COOKIE_NAME 600 relative
But I also need to set the HttpOnly flag which (it seems) is impossible using HTTP::cookie in v10.x.??
Also, when I redirect, I need to do the same thing. Here, setting HttpOnly is easy, but now I am having problems trying to set the Expiry on the cookie!:
set COOKIE [format "%s=%s; path=/; domain=%s; Expires=%s HttpOnly" $COOKIE_VALUE $static::COOKIE_DOMAIN $static::COOKIE_EXPIRES]
HTTP::respond 302 Location "http://$DETECTED_DOMAIN" "Set-Cookie" $COOKIE
I find the browser doesn't return the cookie if the Expires flag is set.
Any idea what's going wrong here? Is there a simpler way to set these cookies that I'm unaware of?
Any help would be much appreciated!
Cheers..
- George_Watkins_ (Historic F5 Account): Can you give this a try?
when HTTP_REQUEST {
    # 1 year = 31536000 seconds
    set cookie_expire 31536000
    # Absolute expiry date in GMT, formatted for the cookie's expires attribute
    set cookie_expire_date [clock format [expr {[clock seconds] + $cookie_expire}] -format "%a, %d-%b-%Y %H:%M:%S GMT" -gmt true]
    set cookie_domain .test.domain.local
    set cookie_name my_cookie
    set cookie_value 12345
    # Attributes are separated by "; "; HttpOnly is a flag with no value
    set cookie [format "%s=%s; path=/; domain=%s; expires=%s; HttpOnly" $cookie_name $cookie_value $cookie_domain $cookie_expire_date]
    # Send the redirect with the Set-Cookie header attached
    HTTP::respond 302 Location "http://www.google.com" "Set-Cookie" $cookie
}
This works for me. I made a few tweaks, but you were 95% of the way there. Hope this helps,
George
- ichalis_37981 (Historic F5 Account): Fantastic!! Thanks George for your reply, this fixed the first half of my problem.. progress!!!
- nitass (Employee): Have you tried HTTP::header insert?
[root@ve1023:Active] config # b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config # b rule myrule list
rule myrule {
   when HTTP_RESPONSE {
      # 1 year = 31536000 seconds
      set cookie_expire 31536000
      set cookie_expire_date [clock format [expr [clock seconds] + $cookie_expire] -format "%a, %d-%b-%Y %H:%M:%S GMT" -gmt true]
      set cookie_domain .test.domain.local
      set cookie_name my_cookie
      set cookie_value 12345
      set cookie [format "%s=%s; path=/; domain=%s; expires=%s; HttpOnly" $cookie_name $cookie_value $cookie_domain $cookie_expire_date]
      HTTP::header insert "Set-Cookie" $cookie
   }
}
[root@ve1023:Active] config # curl -I http://172.28.19.79
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2011 17:50:56 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT
ETag: "4183e4-3e-9c564780"
Accept-Ranges: bytes
Content-Length: 62
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: my_cookie=12345; path=/; domain=.test.domain.local; expires=Wed, 19-Dec-2012 17:50:42 GMT; HttpOnly
- ichalis_37981 (Historic F5 Account): Thanks guys!! All working! I guess I was hoping there was a cleaner way that this could be done..
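
An added example, not part of the thread and not F5 code: a Python check that parses a Set-Cookie value such as the ones posted above and reports whether HttpOnly arrived as its own attribute and whether Expires is a parseable date inside a lifetime policy. The function names, the lifetime policy and the second sample header are assumptions constructed for illustration; the first sample is the header from the curl output above.

```python
from datetime import datetime, timedelta, timezone

# Expires layouts accepted here: the one the iRule above emits, and the RFC 1123 form.
DATE_FORMATS = ("%a, %d-%b-%Y %H:%M:%S GMT", "%a, %d %b %Y %H:%M:%S GMT")

# Header taken from the curl output in the thread.
PAGE_HEADER = ("my_cookie=12345; path=/; domain=.test.domain.local; "
               "expires=Wed, 19-Dec-2012 17:50:42 GMT; HttpOnly")
# Constructed sample: same header with no ';' between the date and HttpOnly.
NO_SEMICOLON = ("my_cookie=12345; path=/; domain=.test.domain.local; "
                "Expires=Wed, 19-Dec-2012 17:50:42 GMT HttpOnly")

def parse_set_cookie(header):
    """Return (name, value, attrs); attribute names are lowercased."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def parse_expires(text):
    """Strictly parse an Expires value; None if it matches no accepted layout."""
    for fmt in DATE_FORMATS:
        try:
            return datetime.strptime(text, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    return None

def audit(header, now, max_lifetime):
    """Return a list of findings; an empty list means the header passes."""
    _, _, attrs = parse_set_cookie(header)
    findings = []
    if "httponly" not in attrs:
        findings.append("HttpOnly missing")
    if "expires" not in attrs:
        findings.append("Expires missing (session cookie)")
    else:
        when = parse_expires(attrs["expires"])
        if when is None:
            findings.append("Expires is not a valid date: %r" % attrs["expires"])
        elif when - now > max_lifetime:
            findings.append("lifetime exceeds policy")
    return findings

if __name__ == "__main__":
    now = datetime(2011, 12, 20, 17, 50, 42, tzinfo=timezone.utc)  # constructed clock
    for hdr in (PAGE_HEADER, NO_SEMICOLON):
        print(audit(hdr, now, timedelta(hours=1)), "<-", hdr)
```

With the one-hour policy from the original question, the header from the thread is flagged only for its one-year lifetime, while the constructed header loses HttpOnly entirely because the flag is absorbed into the Expires value.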