Forum Discussion
NimbostratusTrying to set a relative (5 day) expiring cookie with HTTP:RESPOND
Is it possible to use the HTTP:cookie expires relative syntax in an HTTP Respond irule? I am currently using the following with Max-age to set a 5 day cookie. Of course IE choose to ignore this and treats it as a session cookie. I have tried just using expires 432000 relative in place of Max-Age, but that doesn't work in either browser... I'm a Network guy, new to messing around with cookies, so be gentle :)
Do I need to somehow say expires=$time+432000 or something like that? or is it even possible to do this with HTTP Respond?
when HTTP_REQUEST { if { [HTTP::cookie exists "cookiename"] } { HTTP::respond 302 Location "; "Set-Cookie" "cookiename=cookievalue;path=/;Max-Age=432000" }
3 Replies
Leonardo_SouzaCirrocumulus
The cookie options are no dictated by F5, is up to the standard and the browsers that apply the rules or not.
Wikipedia says: "As of 2016 Internet Explorer did not support Max-Age."
Check the cookie explanation in wikipedia:
https://en.wikipedia.org/wiki/HTTP_cookieExpires_and_Max-Age
If you want to go deeper, there a whole RFC just for that:
https://tools.ietf.org/html/rfc6265
About the HTTP response event, yes you can set the cookie there. You can see examples here, using both http request and response.
https://devcentral.f5.com/wiki/irules.http__respond.ashx
Mark_CloutierWith much help from someone who actually knows programming :) we came up with the following
when HTTP_REQUEST { if { [HTTP::cookie exists "intranet-sp-session"] } { set cur_time [clock seconds] set cur_time [expr $cur_time + 432000] set formated_time [clock format $cur_time -format "%a, %d %h %Y %T %Z" -gmt true] HTTP::respond 302 Location "; "Set-Cookie" "intranet-sp-session=putnamsp;path=/;domain=mycompany.com;expires=$formated_time" } else { set cur_time [clock seconds] set cur_time [expr $cur_time + 432000] set formated_time [clock format $cur_time -format "%a, %d %h %Y %T %Z" -gmt true] HTTP::respond 302 Location "https://mysahrepointssourl.domain.com "Set-Cookie" "intranet-sp-session=putnamsp;path=/;domain=mycompany.com;expires=$formated_time" } }
This successfully sets a cookie that IE will accept and store as a persistent cookie with an expiration value that is 432000 greater than the current time....
- Mark_Cloutier
With much help from someone who actually knows programming :) we came up with the following
when HTTP_REQUEST { if { [HTTP::cookie exists "intranet-sp-session"] } { set cur_time [clock seconds] set cur_time [expr $cur_time + 432000] set formated_time [clock format $cur_time -format "%a, %d %h %Y %T %Z" -gmt true] HTTP::respond 302 Location ";; "Set-Cookie" "intranet-sp-session=putnamsp;path=/;domain=mycompany.com;expires=$formated_time" } else { set cur_time [clock seconds] set cur_time [expr $cur_time + 432000] set formated_time [clock format $cur_time -format "%a, %d %h %Y %T %Z" -gmt true] HTTP::respond 302 Location "https://mysahrepointssourl.domain.com "Set-Cookie" "intranet-sp-session=putnamsp;path=/;domain=mycompany.com;expires=$formated_time" } }
This successfully sets a cookie that IE will accept and store as a persistent cookie with an expiration value that is 432000 greater than the current time....
