Mike_Nepomny
May 28, 2013

TS cookie with domain=.abc.com

ASM is setting at least two TS cookies with different domains:

TSaeea70 Received .abc.com (Session) Server Yes No

TSf1d257 Received .commonag-portal-fit.nj.abc.com (Session) Server Yes No

A TS cookie with domain=.abc.com will be sent by the browser to all apps in all abc.com environments and will trigger the MOD_ASM_COOKIE violation.

Why is ASM setting a cookie with domain=.abc.com?

Thank you
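The browser-side scoping rule the question relies on, as an added example that is not part of the original post: RFC 6265 domain matching applied to the two cookies listed above, plus a check for a Domain attribute wider than the issuing host. The host names passed in are constructed assumptions.

```python
import ipaddress

# Cookie name -> Domain attribute, as listed in the question above.
COOKIES = {
    "TSaeea70": ".abc.com",
    "TSf1d257": ".commonag-portal-fit.nj.abc.com",
}

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def domain_match(host, cookie_domain):
    """RFC 6265 sec. 5.1.3: host equals the domain or is a subdomain of it."""
    host = host.lower().rstrip(".")
    domain = cookie_domain.lower().lstrip(".")  # leading dot is ignored (sec. 5.2.3)
    if host == domain:
        return True
    # Suffix match must fall on a label boundary, and never applies to IP hosts.
    return host.endswith("." + domain) and not is_ip(host)

def cookies_sent_to(host, jar=COOKIES):
    """Names of the cookies a browser would attach to a request for `host`."""
    return sorted(name for name, dom in jar.items() if domain_match(host, dom))

def overbroad(issuing_host, jar=COOKIES):
    """Cookies whose Domain is a strict parent of the host that issued them."""
    host = issuing_host.lower().rstrip(".")
    return sorted(
        name for name, dom in jar.items()
        if dom.lower().lstrip(".") != host and domain_match(host, dom)
    )

if __name__ == "__main__":
    # Constructed request hosts (assumptions, not taken from the thread).
    for h in ("commonag-portal-fit.nj.abc.com", "other-app.ny.abc.com", "notabc.com"):
        print(f"{h:35} -> {cookies_sent_to(h)}")
    print("wider than issuing host:", overbroad("commonag-portal-fit.nj.abc.com"))
```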

 

4 Replies

  • Is something else in the path messing with the cookies? In our 11.2.1 ASM the cookie is set like:

    Set-Cookie: TSd6f798=blahblahblah; Path=/
  • nathe
    Mike,

    Looks like ASM 11.2.1 HF3 fixes this issue

    A request that contains the internal cookie TSxxxxxx_77 or TSxxxxxx_75 that was generated by another HTTP Class no longer causes the Enforcer to incorrectly trigger the "Modified ASM cookie" violation.

    Hope this helps,

    N
  • So, I am just trying to cover the basics here: a cookie, which is like a browser property inserted into the HTTP header by the client, is actually generated per domain on a system; yeah, it's per domain. Hope this clears up the doubts.