Adding the SSL Secure Flag and HTTPonly flag to cookies from the Real Server

To add flags to a cookie being generated by the Real Server, the content switching engine must be used. 

The first step is to create the content rule:

  1. In the main menu of the LoadMaster Web User Interface (WUI), go to Rules & Checking > Content Rules.
  2. Click Create New.
  3. Enter a name for the rule.
  4. Select Replace Header as the Rule Type.
  5. Enter set-cookie in the Header Field.
  6. Enter /(.*?);?$/ in the Match String text box.
  7. Enter \1; secure; httponly in the Value of Header Field to be replaced text box.
  8. If in case httponly is already in the response, then remove it from the content rule.(\1; secure)

 

Next, apply the rule to a Virtual Service. Please note that in the case of SSL-based services, SSL Acceleration must be enabled.

To apply the rule to a Virtual Service, follow the steps below:    

  1. In the main menu, go to Virtual Services > View/Modify Services.
  2. Click Modify on the relevant Virtual Service.
  3. Expand the Advanced Properties section.
  4. Click Show Header Rules.
  5. Under Response Rules select the rule created above from the drop-down list and click Add.

Note:  In the Virtual Service settings, the Service Type must be set to HTTP/HTTPS, and SSL Acceleration must be enabled.

Was this article helpful?

0 out of 0 found this helpful

Comments

Avatar
Jochen Staecker

if http only attribute already set, omit from value to be replaced