Forum Discussion
dgytech
Jul 26, 2017Altostratus
Thank you again for your assistance, very much appreciated!! We were able to get it to work with a few tweaks.
when HTTP_RESPONSE {
set unsafe_cookie_headers [HTTP::header values "Set-Cookie"]
HTTP::header remove "Set-Cookie"
foreach set_cookie_header $unsafe_cookie_headers {
if { $set_cookie_header starts_with "XSRF-TOKEN"} then {
HTTP::header insert "Set-Cookie" "${set_cookie_header}; Secure"
} else {
HTTP::header insert "Set-Cookie" "${set_cookie_header}; Secure; HttpOnly"
}
}
}
- Lee_SutcliffeJul 26, 2017Nacreous
Pleased you got it working and thanks for sharing the final solution. :)
MP