Cookie not RFC-compliant - RFC VIOLATIONS

Question

Dear all,
I have a problem when logging my site.
- The "Cookie not RFC-compliant", 
And in Request detail, i see: 
Cookie Buffer
76cfa8cc0ad$[[\"__json_message\"
- The cookies is:
Accept-Encoding: gzip, deflate, sdch
 Accept-Language: en,vi;q=0.8,fr-FR;q=0.6,fr;q=0.4,en-US;q=0.2
 Cookie: csrftoken=ivEklh7E3rN9wDlxPiYbrDM6gDRKEGjCoKFTwwwZldtrQOsERu7cOGr6bTmHQFtp; _ga=GA1.1.1478099048.1492485183; _gat=1; sessionid=4aecjmyctbe1q84zmaftyo0dlipncjj6; messages="95c450bd82379a47515717e3e02a476cfa8cc0ad&nbsp;
So, what is i should do here. Which field i must enable in RFC - COMPLIANT VIOLATIONS.
 My asm version: 11.6&nbsp;
Thank you in advance!&nbsp;

nathe · Answer

Sorry themyth, the format of the Request doesn't make it that easy to read, perhaps a screenshot may be better? Anyway, here is the violation detail (in case you haven't seen it) - does the cookie violate any of these specific issues?
This violation occurs when HTTP cookies contain at least one of the following components:
- Quotation marks in the cookie name.
- A space in the cookie name or cookie value.
- An equal sign (=) in the cookie name.
Note: A space between the cookie name and the equal sign (=), and between the equal sign (=) and cookie value is allowed.
- An equal sign (=) before the cookie name.
- A carriage return (hexadecimal value of 0xd) in the cookie name.

Hope this helps

Forum Discussion

Cookie not RFC-compliant - RFC VIOLATIONS

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Cookie-based DDoS protection

Decoding the IPv4 address from the persistence cookie

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Cookie Tampering Protection using F5 Distributed Cloud Platform

Separating False Positives from Legitimate Violations