Forum Discussion
hooleylist
Jun 21, 2013Cirrostratus
Hey Bryce,
Sorry for the slow reply on this. I got sidetracked. Because HttpOnly can only be set for cookies with version 1 or 2 and the default version is 0, this is probably the cause of the problem. Can you set the version to 1 first:
Set HttpOnly on all LTM and app generated cookies
when HTTP_RESPONSE {
set cookieNames [HTTP::cookie names]
foreach aCookie $cookieNames {
HTTP::cookie version $aCookie 1
HTTP::cookie httponly $aCookie enable
}
}
Or just for one statically defined cookie:
when HTTP_RESPONSE {
HTTP::cookie version myCookie 1
HTTP::cookie httponly myCookie enable
}
Aaron