cancel
Showing results for 
Search instead for 
Did you mean: 

Set Cookie SameSite = None

lorenze
Altocumulus
Altocumulus

Hello Cool People.

 

I'm fairly new to F5 and was wondering if there is an easy way to set the SameSite Cookie attribute to "None". I did look at the F5 irule article and don't quite understand the code as its too long. The goal was just to set SameSite = None for our site that goes trough f5. We have version 11 and was looking at this article https://github.com/f5devcentral/irules-toolbox/blob/master/security/http/cookies/samesite-attributes.... Does this good to go by just making an irule with this entry and set it to our pool or are there any adjustments needed for our environment? Appreciate any response.

 

Best,

 

 

2 REPLIES 2

lorenze
Altocumulus
Altocumulus

Tried creating an irule with the following entry but all doesnt seem to address the issue:

 

when HTTP_RESPONSE { set COOKIE_VAL [HTTP::header values "Set-Cookie"] HTTP::header remove "Set-Cookie" foreach COOKIE_NAME $COOKIE_VAL { HTTP::header insert "Set-Cookie" "${COOKIE_NAME}; SameSite=none" HTTP::cookie secure ${COOKIE_NAME} enable } }

 

when HTTP_RESPONSE {   HTTP::header replace Set-Cookie "[HTTP::header Set-Cookie]; HttpOnly;SameSite=none; Secure"       }

Appreciate any response. Thank You!

 

Ivan_Chernenkii
F5 Employee
F5 Employee

Please take look here - https://support.f5.com/csp/article/K03346798

 

Thanks, Ivan