Increased Security With First Party Cookies
Published Mar 30, 2018
Version 1.0Was this article helpful?
The above worked initially for us too but then caused errors with different parts of the application. We just went through about 7 different iterations before we finally got one to work. Below is the one that was successful. To be clear, this is to ALLOW third-party-cookies and changes the same site attribute to None.
ltm rule generic_samesite_none {
when HTTP_RESPONSE {
set cookie_headers [HTTP::header values "Set-Cookie"]
HTTP::header remove "Set-Cookie"
foreach set_cookie_header $cookie_headers {
HTTP::header insert "Set-Cookie" "${set_cookie_header}; SameSite=None"
}
}
}