Jan 29, 2019

Setting SameSite flag on ASM cookie using ASM system variables



I've a question, can we add samesite flag to ASM cookie with the same way we do for httponly and secure flags through creating system variables using the below KB:


For Example: * Parameter Name: cookie_samesite_attr * Parameter Value: strict (or lax depending on the application need)


Thanks in advance.


    Here's an iRule that will set SameSite on cookies that the web app, ASM or other BIG-IP modules set via the Set-Cookie header:




  • System variable aren't getting created when /usr/share/ts/bin/add_del_internal add [cookie_secure_attr | cookie_httponly_attr] is run. Setting the value to 1 enables setting the flag, setting the value to 0 disables setting the flag.


    I think this issue is worth a call to support, to see if there is an RFE.