Forum Discussion
Andy_McGrath
Nov 29, 2017Cumulonimbus
If you cannot update the back end application/web server to add them can do the following in an iRule in the Response.
when HTTP_RESPONSE {
if {[HTTP::cookie exists “newappcookie”]} {
HTTP::cookie secure “newappcookie” enable
HTTP::cookie httponly “newappcookie” enable
}
}
Might also be able to do it using a Policy.
You might also need to set the cookie version to 0 with the following line before setting secure and httponly flags
HTTP::cookie version “newappcookie” 0
Test it with and without see which works.