ASM change Enforced Cookies to case insensitive

Question

I would like to protect the session cookie of our web application from being changed by the client. Therefore I've added the cookie name to the list of enforced cookies in the ASM policy&nbsp;
The list of enforced cookies is case sensitive. However our web application is case insensitive. Is it possible to treat an enforced cookie name as case insensitive in the ASM?&nbsp;
I don't want to add all lower/uppercase variants to the list because this could be hundreds of entries.&nbsp;
e.g. mysessionid, MySessionid, MYSEssionid, and so on.&nbsp;
I'd be happy about a hint. Thanks.&nbsp;
Cookies Settings: By adding enforced cookies&nbsp;
BigIP 11.1.0 Build 2268.0 Hotfix HF5&nbsp;
 &nbsp;

mike_maher · Answer

I don't think you can do it for just cookies, but there is a setting when you create the policy to make it case insensitive. &nbsp;

Forum Discussion

ASM change Enforced Cookies to case insensitive

1 Reply

Recent Discussions

Advise on setting up IRULE

Chrome V 124+ on MacOS - Virtual Server Access Issue

Port Group on F5OS network setting

F5Access | MacOS Sonoma

Rewrite uri translation not working

Related Content

BoT Defense Profile, Signature Enforcement

Case Insensitive Comparisons

Enforce RFC Compliance option in http profile

Decoding the IPv4 address from the persistence cookie

Enforce Server Cipher proposal in preferred order