Forum Discussion
Benjamin_9036
May 20, 2009Historic F5 Account
Thanks for the updates! To clarify the effects of staging on the changes you made - if the staging period is currently active, any violations which are in staging should not cause actual blocking responses. This is the section of the manual that goes over this:
Click here
Also, when using the 'Accept' button on a violation, this will start an instance of the policy builder to accept all violations for this request. In the case of these violations, the value seen as an Illegal Static parameter will probably be added to the parameter values for this parameter, but the Modified domain cookie would probably add the offending cookie to the list of Allowed Modified Domain Cookies.
Either way, these changes effect the entire policy, and not a single user.
You may see the modified cookies for a period after you first put ASM in production as clients may still have cookies that were set prior to ASM being put in line where it could see them. In general, you should only need to allow modified cookies if you know that the client should be allowed to modify them (client-side javascript or something).
You might also want to review whether this should be a static, dynamic, or user-input parameter. A static parameter is a parameter for which you know the value will always be from a static list - like a drop-down selection of states. This describes them a little more, as well:
Click here