Forum Discussion
JosephT
Nimbostratus
NimbostratusStripping cookies on the http response
I need to setup an irule to remove one or more cookies on the response back to the client.
To start, I'm trying to just delete all cookies by trying this this:
when HTTP_RESPONSE {
HTTP::cookie remove *
}
as well as this:
when HTTP_RESPONSE {
HTTP::cookie remove "*"
}
Yet neither seem to be doing the job (i still see a cookie on my client.
Any ideas?
Any help as well to write an irule to remove:
cookie_name_a
cookie_name_b
cookie_name_c
would be greatly appreciated!
3 Replies
- The_BhattmanNot sure if that command will work with *.
However, another possibility is to use "HTTP::cookie names" and set that into an array. Then perform a foreach loop where you would delete the cookies within the cookie names list
For example:
set DL {[HTTP::cookie names]}
foreach N $DL {
HTTP::cookie remove $N
}
I haven't tested this , but I think this might be a start to another approach you might want to consider
Hope this helps
CB 
JosephTCMBHATT, thanks for the reply. After speaking to some others, I learned that the "HTTP:cookie remove xxxx would not work with the HTTP_RESPONSE.
I also learned that the Cookie header is sent by clients on a request, and the Set-Cookie header is sent by the server on the response. What I actually needed to do was delete the Set-Cookie on the response.
My code above would have worked fine to delete cookies if I had used http_request
But in order to delete thet Set-Cookie response from the server, this is the code I used which worked great:
when HTTP_RESPONSE {
HTTP::header remove Set-Cookie
}
Thanks again for your effort!
hoolioCirrostratus
'HTTP::cookie remove' should work in either requests or responses. If you want to remove all cookies, you could use either approach:when HTTP_RESPONSE { foreach N [HTTP::cookie names] { HTTP::cookie remove $N } }when HTTP_RESPONSE { HTTP::header remove "Set-Cookie" }
Aaron
