Can you provide more detail on what the application requires and why?
You can set a cookie in responses using HTTP::respond by adding Set-Cookie "cookie_name=cookie_value\; path=/test\; etc...". You can check the HTTP::respond wiki page (
Click here) for details. Here is a quick example which issues a 302 redirect and expires a cookie:
Send a redirect and expire the session cookie
HTTP::respond 302 Location https://example.com/path/to/file.asp Set-Cookie "$cookie_name=null\;Expires=Thurs, 01-Jan-1970 00:00:00 GMT"
I don't think you can force a client to include an arbitrary header in a subsequent request based on any data you send in a redirect. You might be able to hack something together using javascript, but I'm not certain it's possible/the exact javascript syntax to do it.. Maybe you could you parse the cookie name/value in HTTP_REQUEST and insert the HTTP header before the request is sent to the app?
Aaron