Forum Discussion

Nova_201357's avatar
Nova_201357
Icon for Nimbostratus rankNimbostratus
Jan 25, 2017

Remove cookie with spaces in name

All,

I have a situation where a team member accidently dropped a cookie on our site with spaces / blanks in the name. This caused ASM to block pages from user browser requests with the cookie. As a work a around, I disabled RFC cookie checking, so we're good there. Now the web team wants the cookie deleted (expired).

I found an irule that should work on the response event, and I think it should work. Logging the progress of the irule shows that the http::cookie exists test is not catching the space embedded cookie.

when HTTP_RESPONSE {
    log local0. "Now looking for cookie to kill"
    if {[HTTP::cookie exists " kill this cookie"] }{
        log local0. "cookie found"
        HTTP::cookie remove " kill this cookie"
        HTTP::header insert Set-Cookie " kill this cookie=deleted;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT"
    }
 }

Does this need to be formatted differently or is it a limitation of the function? Any thought or ideas are appreciated.

Thanks,

Mike
application delivery
iRules
LTM

4 Replies

Sort By
  • JG's avatar
    JG
    Icon for Cumulonimbus rankCumulonimbus
    Jan 27, 2017

    Is the backend app server still issuing the bad cookie?

     

  • Kai_Wilke's avatar
    Kai_Wilke
    Icon for MVP rankMVP
    Jan 27, 2017

    Hi Nova,

    the 

    [HTTP::cookie exists]
    command should be able to catch a cookie name containing whitespaces (just verified this behavior on TMOS 12.1).

    If the problem still persist, then it could be a problem of CASE-sensitivity. So please verify if you're using the correct CASE within your iRule.

    Cheers, Kai

  • Nova_201357's avatar
    Nova_201357
    Icon for Nimbostratus rankNimbostratus
    Jan 30, 2017

    Thanks for the replies.

     

    The iRule is working, my testing was flawed. So it's all good now.

     

    Thanks, Mike