iRule to set SameSite for compatible clients and remove it for incompatible clients (LTM|ASM|APM)

A bunch of us have been refining approaches to help customers handle the new browser enforcement of the HTTP cookie SameSite attribute. I think we have a pretty solid approach now to handle compatib...

Published Feb 11, 2020

Version 1.0

Ret. Employee

Joined February 06, 2020

View Profile

Hoolio

Ret. Employee

Joined February 06, 2020

View Profile

lorenze

Altocumulus

Jul 09, 2020

I tried creating an irule with just the following entry but seems it doesn't fix the samesite concern:

when HTTP_RESPONSE {
	set COOKIE_VAL [HTTP::header values "Set-Cookie"]
	HTTP::header remove "Set-Cookie"
 
	foreach COOKIE_NAME $COOKIE_VAL {
		HTTP::header insert "Set-Cookie" "${COOKIE_NAME}; SameSite=none"
                HTTP::cookie secure ${COOKIE_NAME} enable
	}
}

when HTTP_RESPONSE {
 
        HTTP::header replace Set-Cookie "[HTTP::header Set-Cookie]; HttpOnly;SameSite=none; Secure"
 
 
 
  }

Is there something I am missing?

Thanks!

iRule to set SameSite for compatible clients and remove it for incompatible clients (LTM|ASM|APM)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS