Forum Discussion

Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus

Hi,

In general, I prefer to have a VS layered VS architecture.

You apply the following irule to the Frontend VS :

when CLIENT_ACCEPTED {
    virtual virtual_server_name
}

Then, on the same irule, you can change the domain of desired cookies : 

when HTTP_RESPONSE { 
    foreach mycookie [HTTP::cookie names] { 
            HTTP::cookie domain $mycookie ".testtest.com"
    } 
}

You may also need to restrict to certain cookies only :

when HTTP_RESPONSE { 
    foreach mycookie [HTTP::cookie names] {
        if { [class match $mycookie REWRITABLE_COOKIES] } {
            HTTP::cookie domain $mycookie ".testtest.com"
        }
    } 
}

Where REWRITABLE_COOKIES is a datagroup of type string.

Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
Jun 20, 2016
You can validate that Secure and httpOnly by doing requests and inspecting response for Set-Cookie header containing header names used for lb persistence, asm, apm,...