Forum Discussion
samstep
Nov 23, 2016Cirrocumulus
I believe that ASM will detect this as a violation because this condition (55 cookies with the same name/different values) actually breaks the RFC standard for cookies.
RFC6265 states:
"Servers SHOULD NOT include more than one Set-Cookie header field in the same response with the same cookie-name"