Forum Discussion

Nimbostratus

Dec 01, 2008

To many Cookies

I have just recenty put ASM in front of a large app, this app has been known to set up to 17 or more cookes per session depending on what transaction the user is doing, problem is ASM seems to set a f...

app sec

BIG-IP Access Policy Manager (APM)

security

AaronJB

Ret. Employee

Dec 15, 2008

It looks like those are Path Cookies.

Starting in v9.4.2 we sign Domain Cookies on a per-path basis. Domain Cookies belonging to the root path are signed in the main ASM cookie (TSxxxxxx, where the x's are generated from the HTTPClass name), and those belonging to sub paths are signed in additional ASM cookies with one cookie being added for each distinct paths.

Having said that, there seem to be three distinct ASM cookies in the above example, and I only see two paths.. there's only three if you count the trailing "/" which is on some cookies and not others, and I'm not sure if that 'should' be considered relevant in terms of distinct paths.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

To many Cookies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

SSL Bridging and FQDN rewrite Policy

How can I get started with iCall

Checking for X-Forwarded-For against an Address Data-Group

Related Content

Cookie-based DDoS protection

Encrypting Cookies

2. SYN Cookie: Operation

1. SYN Cookie: Intro

8. SYN Cookie: Troubleshooting tcpdump

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS