How to Add an SSL Secure and HTTP only flag to cookies from a Real Server
To add flags to a cookie being generated by the Real Server, the content switching engine must be used.
The first step is to create the content rule:
- In the main menu of the LoadMaster Web User Interface (WUI), go to Rules & Checking > Content Rules.
- Click Create New.
- Enter a name for the rule.
- Select Replace Header as the Rule Type.
- Enter set-cookie in the Header Field.
- Enter /(.*?);?$/ in the Match String text box.
- Enter \1; secure; httponly in the Value of Header Field to be replaced text box.
- If in case httponly is already in the response, then remove it from the content rule: \1; secure
Next, apply the rule to a Virtual Service. Please note that in the case of SSL-based services, SSL Acceleration must be enabled.
To apply the rule to a Virtual Service, follow the steps below:
- In the main menu, go to Virtual Services > View/Modify Services.
- Click Modify on the relevant Virtual Service.
- Expand the Advanced Properties section.
- Click Show Header Rules.
- Under Response Rules select the rule created above from the drop-down list and click Add.
Note: In the Virtual Service settings, the Service Type must be set to HTTP/HTTPS, and SSL Acceleration must be enabled.
Jochen Staecker
if http only attribute already set, omit from value to be replaced