dgytech
Jul 25, 2017Altostratus
Exclude specific cookie from set_cookie_header iRule
We currently apply "Secure" and "HttpOnly" via the iRule below. We now need to exclude any cookie that starts with "XSRF-TOKEN" from the "HttpOnly" portion of this iRule. Any help in syntax would be appreciated!
when HTTP_RESPONSE { set unsafe_cookie_headers [HTTP::header values "Set-Cookie"] HTTP::header remove "Set-Cookie" foreach set_cookie_header $unsafe_cookie_headers { HTTP::header insert "Set-Cookie" "${set_cookie_header}; Secure; HttpOnly" } }