Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Set Cookie SameSite = None

lorenze
Altocumulus
Altocumulus

‎09-Jul-2020 07:12

Hello Cool People.

 

I'm fairly new to F5 and was wondering if there is an easy way to set the SameSite Cookie attribute to "None". I did look at the F5 irule article and don't quite understand the code as its too long. The goal was just to set SameSite = None for our site that goes trough f5. We have version 11 and was looking at this article https://github.com/f5devcentral/irules-toolbox/blob/master/security/http/cookies/samesite-attributes.... Does this good to go by just making an irule with this entry and set it to our pool or are there any adjustments needed for our environment? Appreciate any response.

 

Best,

 

 

Labels:
2 REPLIES 2

lorenze
Altocumulus
Altocumulus

‎09-Jul-2020 12:14 - last edited on ‎04-Jun-2023 21:22 by Fog

Tried creating an irule with the following entry but all doesnt seem to address the issue:

when HTTP_RESPONSE {
	set COOKIE_VAL [HTTP::header values "Set-Cookie"]
	HTTP::header remove "Set-Cookie"
 
	foreach COOKIE_NAME $COOKIE_VAL {
		HTTP::header insert "Set-Cookie" "${COOKIE_NAME}; SameSite=none"
                HTTP::cookie secure ${COOKIE_NAME} enable
	}
}
when HTTP_RESPONSE {
 
        HTTP::header replace Set-Cookie "[HTTP::header Set-Cookie]; HttpOnly;SameSite=none; Secure"
 
 
 
  }

Appreciate any response. Thank You!

0 Kudos

Ivan_Chernenkii
F5 Employee
F5 Employee

‎10-Jul-2020 11:48

Please take look here - https://support.f5.com/csp/article/K03346798

 

Thanks, Ivan

0 Kudos
Copyright © 2023 Khoros, LLC