here is the doubt about the order of 2 irules,one is HTTP::cookie secure

Question

Hello,good morning&nbsp;
&nbsp;I have 2 irules under one VS&nbsp;
&nbsp;the first one is add secure  deal with HTTP_RESPONSE,the second one is main irule deal with HTTP_REQUEST
&nbsp;here is add secure irule 
&nbsp;when HTTP_RESPONSE { set myValues [HTTP::cookie names] foreach mycookie $myValues { if {$mycookie == "cjj"} {  Do nothing. } if {$mycookie == "jjc"} {  Do nothing. } else { HTTP::cookie secure $mycookie enable } } }&nbsp;
&nbsp; the main irule only include http_request event and send request to different pool against parameter in uri&nbsp;
&nbsp;at the begining someone put main irule before add secure irule,some user can't open the page
&nbsp;hence,another put add secure before main irule&nbsp;
&nbsp;it is ok now in this order:&nbsp;&nbsp;
&nbsp;add secure
&nbsp;main irule&nbsp;
&nbsp;can some tell me what is the difference of this order&nbsp;
&nbsp;I try to understand this but can't &nbsp;&nbsp;

matt_breedlove_ · Answer

What happened when the users tried to open the page and reported they can't, what did they actually experience? Is only the http_request event used in the main irule, while the http_response is only used in the add secure irule? Why are they separated in the first place if they are handling discrete events?

Forum Discussion

here is the doubt about the order of 2 irules,one is HTTP::cookie secure

1 Reply

Recent Discussions

CITRIX remote desktop solution using F5 APM

BIG-IP rseries license

F5 iRule to route traffic based on AS2 headers doesnt work

Trouble with TCP::option set 28

LDAPS: intermittent login issues

Related Content

Using ChatGPT for security and introduction of AI security

Lightboard Lessons: HTTP Cookie SameSite Attribute

Using Distributed Application Security Policies in Secure Multicloud Networking Customer Edge Sites

F5 Security Podcasts

Get Started with WAAP Security Incidents