Set the SameSite Cookie Attribute for Web Application and BIG-IP Module Cookies

Problem this snippet solves: UPDATE: Note that the work for SameSite is evolving rapidly and this new entry should be considered over the iRule contents below. Chrome (and likely other browser...
Published Feb 06, 2020
Version 1.0
application delivery
csrf
iRules
samesite
security
David_Scott's avatar
David_Scott
Icon for Employee rankEmployee
Feb 16, 2020

if you're on a version that doesn't support the HTTP::cookie attribute method (v11) here's a way to add the attribute. Ideally you'd upgrade to v12+ but if that's not an option this may help get you by until you can. Obviously change SameSitee=none to whatever you need it set to. 

when HTTP_RESPONSE {
	set COOKIE_VAL [HTTP::header values "Set-Cookie"]
	
	foreach COOKIE_NAME $COOKIE_VAL {
                HTTP::header insert "Set-Cookie" "${COOKIE_NAME}; SameSite=none"
		HTTP::cookie secure ${COOKIE_NAME} enable
                
	}
 
}