Forum Discussion

ramann_75062's avatar
ramann_75062
Icon for Nimbostratus rankNimbostratus
Mar 24, 2009

Delete cookie not work

Hi@all,

 

 

I use a encrypted cookie. In the response I check the cookie, which is manipulated

 

 

 

if { [HTTP::cookie exists COOID] } {

 

set decrypted [HTTP::cookie decrypt "COOID" "1234"]

 

if { ($decrypted eq "") } {

 

Cookie wasn't encrypted, delete it

 

HTTP::cookie remove "COOID"

 

log local0. "COOKIE_CHECK: Cookie was changed... [IP::client_addr]"

 

HTTP::redirect "http://redirect.to.nowhere/"

 

}

 

}

 

 

When I check the cookies in my brwoser (FF3.0) - the cookie was not removed. What do I wrong.

 

 

Please help.

 

 

THanks

 

bjoern
application delivery
dev
devops
iRules

3 Replies

Sort By
  • dennypayne's avatar
    dennypayne
    Icon for Employee rankEmployee
    Mar 24, 2009
    Looks OK at first glance...I'm assuming you are calling this code in the HTTP_RESPONSE event? Do you ever see the COOKIE_CHECK message in the logs? You might try adding some more levels of logging to make sure your conditions are actually firing.

     

     

    Denny
  • ramann_75062's avatar
    ramann_75062
    Icon for Nimbostratus rankNimbostratus
    Mar 24, 2009
    yes, its in the HTTP_RESPONSE part and i see the COOKIE_CHECK message in the logs.

     

     

    Deleting the cookie is possible when I don´t use a HTTP::redirect

     

     

  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Mar 25, 2009
    Hi bjoern,

     

     

    You would need to set the cookie to expire in the redirect response. In order to do this, you'd need to use HTTP::respond instead of HTTP::redirect so you can add a Set-Cookie header. Here is an example:

     

     

    HTTP::respond 302 Location "http://newhost.example.com/redirect_location.html" Set-Cookie {cookie_name=null; Path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;}

     

     

    The path needs to be set in this response with the same path that the original cookie was set with.

     

     

    I haven't tested this exact command, but I've used similar before.

     

     

    Aaron