Nova_201357
Jan 25, 2017Nimbostratus
Remove cookie with spaces in name
All,
I have a situation where a team member accidently dropped a cookie on our site with spaces / blanks in the name. This caused ASM to block pages from user browser requests with the cookie. As a work a around, I disabled RFC cookie checking, so we're good there. Now the web team wants the cookie deleted (expired).
I found an irule that should work on the response event, and I think it should work. Logging the progress of the irule shows that the http::cookie exists test is not catching the space embedded cookie.
when HTTP_RESPONSE {
log local0. "Now looking for cookie to kill"
if {[HTTP::cookie exists " kill this cookie"] }{
log local0. "cookie found"
HTTP::cookie remove " kill this cookie"
HTTP::header insert Set-Cookie " kill this cookie=deleted;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT"
}
}
Does this need to be formatted differently or is it a limitation of the function? Any thought or ideas are appreciated.
Thanks,
Mike