Forum Discussion

Dmitriy_Tiper's avatar
Dmitriy_Tiper
Icon for Altocumulus rankAltocumulus
Jun 14, 2024

Cookie insert via http:redirect - can it be configured "secure"?

Using slightly changed example from DevCentral I am able to insert cookie on http redirect

 

when CLIENT_ACCEPTED {
 
set cookie [format "orig_lang=french; path=/; domain=client.com"]
 
}
 
when HTTP_REQUEST {
  if { [HTTP::host] equals "web1.client.com" } 
       {
     # Redirect to the requested host and URI (minus the port if specified)
     HTTP::respond 302 Location "https://web2.client.com" "Set-Cookie" $cookie
      
       } 
}
 
Is it possible configure secure and httponly on that cookie?
 
Thank you in advance.
  • yeah agree with Paulius, it should be possible. im not quite sure why you haven't just tried and see, seems easier then asking. or are you also asking how?

  • I did try iRule in my initial question and it works in terms of insertion of a cookie. May be I was unclear in what I am asking :) Yes, I am asking "how" - i.e. iRule syntax to allow this cookie also to be secure and httponly.

    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP

      Add this to your cookie string (set cookie ...) and you should be ok:

      ; secure; HttpOnly