Hello DevCentral Community, I want to ask you how I can re-initialize a cookie in order to clean the value in it, like: If i click on the logout URI my cookie "Cookie_Name" value will change to an empty value. All of this stuff must be executed in a HTTP::respond 302 like: HTTP::respond 302 Location $redirecturi Set-Cookie {cookie_name="Cookie_name"; Path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;} How i can accomplish this ? Is possible to force the expiration of the cookie if the cookie is a Session-based time expiration ? Thanks in advance , M.

HTTP::respond 302 location "https://www.mydomain.com/" \ Set-Cookie "MY_COOKIE_NAME=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT"Use the code above; replace the values as necessary. This will instruct client's web-browser to expire(invalidate) an existing session cookie MY_COOKIE_NAME.

Thank you! Another little question, if i want to do it on multiple cookies, how can i accomplish this ? Thanks in advance, Best Regards, M.

You can accomplish the same for multiple cookies by adding more "Set-Cookie" headers (1 header per cookie to invalidate). If the solution works for you please mark it as answered to help other community members. HTTP::respond 302 location "https://www.mydomain.com/" \ Set-Cookie "MY_COOKIE_NAME=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT" \ Set-Cookie "MY_COOKIE_NAME2=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT" \ Set-Cookie "MY_COOKIE_NAME3=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT"

iRule delete cookie value on a 302 redirect

13 Replies

Hannes_Rapp_162
Nacreous
Feb 02, 2015
HTTP::respond 302 location "https://www.mydomain.com/" \ Set-Cookie "MY_COOKIE_NAME=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT"
Use the code above; replace the values as necessary. This will instruct client's web-browser to expire(invalidate) an existing session cookie MY_COOKIE_NAME.
- MDPF52_180608
  Nimbostratus
  Feb 02, 2015
  Thank you! Another little question, if i want to do it on multiple cookies, how can i accomplish this ? Thanks in advance, Best Regards, M.
- MDPF52_180608
  Nimbostratus
  Feb 02, 2015
  Extra info : i have the HttpOnly and Secure flags set on the cookies
Hannes_Rapp
Nimbostratus
Feb 02, 2015
HTTP::respond 302 location "https://www.mydomain.com/" \ Set-Cookie "MY_COOKIE_NAME=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT"
Use the code above; replace the values as necessary. This will instruct client's web-browser to expire(invalidate) an existing session cookie MY_COOKIE_NAME.
- MDPF52_180608
  Nimbostratus
  Feb 02, 2015
  Thank you! Another little question, if i want to do it on multiple cookies, how can i accomplish this ? Thanks in advance, Best Regards, M.
- MDPF52_180608
  Nimbostratus
  Feb 02, 2015
  Extra info : i have the HttpOnly and Secure flags set on the cookies
Hannes_Rapp_162
Nacreous
Feb 02, 2015
You can accomplish the same for multiple cookies by adding more "Set-Cookie" headers (1 header per cookie to invalidate). If the solution works for you please mark it as answered to help other community members.

HTTP::respond 302 location "https://www.mydomain.com/" \ Set-Cookie "MY_COOKIE_NAME=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT" \ Set-Cookie "MY_COOKIE_NAME2=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT" \ Set-Cookie "MY_COOKIE_NAME3=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT"
- MDPF52_180608
  Nimbostratus
  Feb 02, 2015
  Thank you, but maybe i missed something because after the redirect i can see that the cookies are still present in my browser and the page returns me a 404 error code, how i can verify it ?
Hannes_Rapp
Nimbostratus
Feb 02, 2015
You can accomplish the same for multiple cookies by adding more "Set-Cookie" headers (1 header per cookie to invalidate). If the solution works for you please mark it as answered to help other community members.

HTTP::respond 302 location "https://www.mydomain.com/" \ Set-Cookie "MY_COOKIE_NAME=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT" \ Set-Cookie "MY_COOKIE_NAME2=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT" \ Set-Cookie "MY_COOKIE_NAME3=path=/; domain=.mydomain.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT"
- MDPF52_180608
  Nimbostratus
  Feb 02, 2015
  Thank you, but maybe i missed something because after the redirect i can see that the cookies are still present in my browser and the page returns me a 404 error code, how i can verify it ?
MDPF52_180608
Nimbostratus
Feb 02, 2015
Sorry but, when try the redirect it says Error 404 not found, how i can verify if my set cookie instruction is wrong and this is the cause of the error 404 ?

What i should expect on the cookie ? Does the cookie should disappear ?

Thanks in advance ,

M.
- Hannes_Rapp
  Nimbostratus
  Feb 02, 2015
  You are telling the web browser to invalidate the cookies with your HTTP 302 response (originating from F5). If the redirect destination replies back with HTTP 404, it does not matter - the cookies are already invalidated by then. However, for your solution to work, you must verify that the redirect destination does not re-insert the same cookies you've just invalidated. Look "Set-Cookie" headers in the HTTP 404 response. I recommend Chrome DEV tools, or Firefox's Firebug AddOn for the verification purpose.
Przemyslaw_Wyr1
Altocumulus
Aug 18, 2016
Hi, Excelent advice. Regards Przemek