Forum Discussion
Lidev
Mar 31, 2021MVP
Hi,
If you don't use cookie persistence profile, you need to configure the BIG-IP ASM to use secure and HttpOnly cookie flag.
Check in your ASM Policy configuration, Security ›› Application Security : Headers : Cookies List ›› Edit Cookie