Jon_Gilyeat_149
Jul 24, 2014Nimbostratus
HTTP::cookie and setting flags
I'm struggling with writing some irule logic which sets the httponly and secure flags on only the bigipserver cookies inserted by the F5 when using cookie session persistence, while not affecting any server or application inserted cookies. So far, I've had to resolve myself to creating a different irule for each VIP for which I need to perform this action, and specifying the bigip server cookie for that VIP, eg:
when HTTP_RESPONSE {
if { [HTTP::cookie BIGipServerFoo] ne "" } {
set ck_value [HTTP::cookie value BIGipServerFoo]
set ck_path [HTTP::cookie path BIGipServerFoo]
HTTP::cookie remove BIGipServerFoo
HTTP::cookie insert name BIGipServerFoo value $ck_value path $ck_path version 1
HTTP::cookie httponly BIGipServerFoo enable
HTTP::cookie secure BIGipServerFoo enable
}
}
BigIP server cookie flags are set appropriately, application cookies are left alone, everyone is happy, apps don't break. Surely there must be some way to do this without manually picking out the cookies I want changed.