For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Moinul_Rony's avatar
Moinul_Rony
Icon for Altostratus rankAltostratus
Sep 12, 2014

TCL error on a iRule

Hi we have the following iRule to add X-Frame-Options header. Which is being done perfectly. But from LTM log we are getting spammed with the following message. Any idea? when HTTP_RESPONSE { ...
application delivery
devops
iRules
Andrew_Husking's avatar
Andrew_Husking
Icon for Cirrus rankCirrus
Sep 12, 2014

Try this:

    when HTTP_RESPONSE {
  if { $iframeurl != 1 } { HTTP::header replace "X-Frame-Options" "SAMEORIGIN" }
  HTTP::header replace "X-Frame-Options" "SAMEORIGIN"
  set myValues [HTTP::cookie names]
  foreach mycookies $myValues {
      log local0. "Cookie Name: $mycookies being secured."
    if { [HTTP::cookie version $mycookies] != 1 } {
      set ckval [HTTP::cookie value $mycookies]
      set ckpath [HTTP::cookie path $mycookies]
      HTTP::cookie remove $mycookies
      HTTP::cookie insert name $mycookies value $ckval path $ckpath version 1
    }
    HTTP::cookie secure $mycookies enable
    HTTP::cookie httponly $mycookies enable
  }
}

I"m not 100% certain that the quotes are needed, but all instances of it that i've seen in our iRules have had them.

Cheers