Forum Discussion

lorenze's avatar
lorenze
Icon for Altocumulus rankAltocumulus
Jul 09, 2020

Set Cookie SameSite = None

Hello Cool People.

 

I'm fairly new to F5 and was wondering if there is an easy way to set the SameSite Cookie attribute to "None". I did look at the F5 irule article and don't quite understand the code as its too long. The goal was just to set SameSite = None for our site that goes trough f5. We have version 11 and was looking at this article https://github.com/f5devcentral/irules-toolbox/blob/master/security/http/cookies/samesite-attributes-pre-v12.tcl. Does this good to go by just making an irule with this entry and set it to our pool or are there any adjustments needed for our environment? Appreciate any response.

 

Best,

 

 

2 Replies

  • Tried creating an irule with the following entry but all doesnt seem to address the issue:

    when HTTP_RESPONSE {
    	set COOKIE_VAL [HTTP::header values "Set-Cookie"]
    	HTTP::header remove "Set-Cookie"
     
    	foreach COOKIE_NAME $COOKIE_VAL {
    		HTTP::header insert "Set-Cookie" "${COOKIE_NAME}; SameSite=none"
                    HTTP::cookie secure ${COOKIE_NAME} enable
    	}
    }
    when HTTP_RESPONSE {
     
            HTTP::header replace Set-Cookie "[HTTP::header Set-Cookie]; HttpOnly;SameSite=none; Secure"
     
     
     
      }

    Appreciate any response. Thank You!