Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

TSPD cookie injecting an extra field which crashes the app

jayantand
Altostratus
Altostratus

Hello Guys,

We have applied Bot protection for our application. On the first attempt it failed since the ChatBot in the applications stopped working. I don't have much details what happened then but below are few points I got to know about when attempting for the 2nd time.

  1. Device ID was enabled
  2. When a client access the ChatBot the requests re-directs to an external domain. Say
    1. abc.com is the domain where the application resides
    2. xyz.com is the domain where clients are re-directed when accessing the ChatBot
  3. One observation from Devs is that TSPD_101 cookie inserts an extra field in the which eventually crashes the ChatBot

Questions:

  1. Per K30023210, ASM strips TS cookies before forwarding the request to OWS....Is that correct?
  2. If ASM still forwards requests along with TS cookies, is there any workaround?
  3. As per my understanding TS cookies, thru java scripts, collect client information. But in our case  it injected an extra field. Is that expected/ normal?
  4. If it is expected/ normal, is it possibled to exclude certain form/ scripts from TS cookie inspection?
  5. Is there a way to query the TSPD script to be able to use it in ajax in if that is required?

On 2nd attempt, I have disabled Device ID and whitelisted external domain xyz.com. It's

1 REPLY 1

Leslie_Hubertus
Community Manager
Community Manager

Hey @jayantand - I'm featuring your question in today's Community Highlights article to help boost visibility which will hopefully get you an answer more quickly.