Delete Cookie From Request By Regex

Problem this snippet solves:

This iRule allows an administrator to delete cookies from a request which match a defined class of regular expressions.

The rule expects a class named cookie_regex_class to contain regular expressions. If a cookie name (set to lower case) in the request matches any of the regular expressions in the class, the cookie will be removed. This rule has been used in ASM implementations to remove ASPSESSIONID cookies that aren't needed in the application.

Code :

class cookie_regex_class  {
   "aspsessionid\w{8}"
   "cookie_name_one\w{8}"
   "cookie_name_two-\w{10}"
   "cookie_name_three"
}

# expect cookie_regex_class to contain a list of regular expressions in lower case for cookie names
when HTTP_REQUEST {
   log local0. "Cookies: [HTTP::cookie count] - [HTTP::cookie names]"
   set cookies [HTTP::cookie names]

   # loop through each cookie by name in request
   foreach aCookie $cookies {

      # log the current cookie name
      log local0. "a cookie: $aCookie"

      # loop through each regex from the class
      foreach aRegex $::cookie_regex_class {

        # compare the current regex to the current cookie name (in lower case)
         if { [string tolower $aCookie] matches_regex $aRegex } {

             log local0. "matched cookie: $aCookie with regex: $aRegex"

             # loop through and remove the cookie(s) which match the regex
             while { [HTTP::cookie exists $aCookie] } {
                HTTP::cookie remove $aCookie
             }

         } else {
             log local0. "didn't match cookie $aCookie with regex: $aRegex"
         }

      }
   }
}