cancel
Showing results for 
Search instead for 
Did you mean: 

iRule to secure flag on specific URL (Multiple URL in one VS)

kridsana
Cirrostratus
Cirrostratus

Hi

 

We know that F5 can add secure attr in cookie from irule HTTP_RESPONSE <https://support.f5.com/csp/article/K11324>

but this is apply to all website in virtual server!!

 

We have many URL in one virtual server. (Multi domain). ie URL-a.example.com and URL-b.example.com have the same Virtual server

 

Can we just add secure flag on cookie only when we access URL-a.example.com ? no need to add flag when we access URL-b

 

I think we need variable to check if http:host is URL-a or URL-b, but I don't know how to do it when this variable has to share on HTTP_REQUEST and HTTP_RESPONSE event on the same times.

 

Thank you

1 REPLY 1

SanjayP
MVP
MVP

You may try below.

 

when HTTP_REQUEST { set sflag 1 if { [class match [HTTP::host] equals secure-flag-domains] } { set sflag 0 } return }   when HTTP_RESPONSE { if { $sflag == 0} { foreach mycookie [HTTP::cookie names] { HTTP::cookie secure $mycookie enable } } }