Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

How to remove the ASM TS* Cookie

Hello

We tried to remove the ASM TS* Cookie with this IRule :

   HTTP_REQUEST_RELEASE    {
  set cookies [HTTP::cookie names]
  foreach aCookie $cookies {
    if {$aCookie matches_regex {^TS(?:[0-9a-fA-F]{6,8})(?:$|_[0-9]+$)}} {
      # Remove ASM Cookies
      log local0. $aCookie
      HTTP::cookie remove $aCookie
    }
  }
}

Like is describe in this KB https://support.f5.com/csp/article/K13693

But there is nothing to do, we still have the cookie in the client side. We also tried : HTTP_RESPONSE

Can we have some help?

BIG-IP v11.6.1 (Build 2.0.338) 

Best regards

David

0
Rate this Question
Comments on this Question
Comment made 30-Jul-2018 by Stephane Viau 122

This code will not remove the cookie completely, it will only prevent the cookie from being passed on to the pool members. In other words the client will send the cookie to the Big IP and the Big IP will remove the cookie from the http header before the request is sent to the server.

If you wish to remove the cookie completely, why don't you remove it from the ASM policy instead?

0
Comment made 31-Jul-2018 by Dawei_S 1

Hello Thanks for your answer, how can I remove it from the ASM policy ?

Best Regards

David

0
Comment made 31-Jul-2018 by MSZ 472

If you remove the cookie then it might cause trigger the cookie violation if enabled.

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

If you remove the cookie then it might cause trigger the cookie violation if enabled.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

HTTP_REQUEST_RELEASE is fired just before the Request from the Client is being sent to the Server-side (pool member), so my understanding is that is not what you want. You want the opposite - you want ASM to stop sending TS cookies to your client, you need to use HTTP_RESPONSE_RELEASE event,e.g:

  HTTP_RESPONSE_RELEASE    {
  set cookies [HTTP::cookie names]
  foreach aCookie $cookies {
    if {$aCookie matches_regex {^TS(?:[0-9a-fA-F]{6,8})(?:$|_[0-9]+$)}} {
      # Remove ASM Cookies
      log local0. $aCookie
      HTTP::cookie remove $aCookie
    }
  }
}

I am not quite sure about the version of BIG-IP you are using, I reported a bug in HTTP::cookie remove functionality to F5 years ago, it is likely that this will work only from version 11.6.1/12.0, a workaround was to use HTTP::header remove instead of cookie remove.

0