Increased Security With First Party Cookies
Published Mar 30, 2018
Version 1.0Was this article helpful?
We were fortunate enough to be able to declare our supported browsers so not having to handle the non-compatible helped out. In the end we found we were also defining a cookie in our javascript(not in header) so our dev had to make a code change for that and also decided to use our apache webserver in front of java to do the cookie insert for JSESSION and other related cookies. I do have a rule to just modify the bigipserver cookie for persistence but that is much more straight forward since it predictable never has the flag..