Hi Danny,
Could you please elaborate with some additional details about "breaks the site with a "Secure Connection Failed""? Is this error message generated in the LTM log files, or is this an error message generated on the client side?
Assuming that the iRule works fine and doesn't raise a TCL error, the HttpOnly flag would instruct your browser to protect the cookie in such a way that the cookie can only be accessed when requesting HTTP(S) content, but not directly accessed using scripting languages (e.g. JScript) or other programs.
Enabling the HttpOnly flag is one of the best defenses to counter Cross-Site-Scripting (XSS) attacks on sensitive cookie information. But on the other hand it may break your application if certain "friendly" JScripts have to access the raw cookie information/data...
Cheers, Kai
- Danny_Alvarez_1Nimbostratus
Thank you Kai.
"Secure Connection Failed" comes up on the browser:
Can you think of any logs/captures that can tell us and the client what is breaking?
This being SSL secured captures complicates troubleshooting.
Thanks again.
Danny.
Hi Danny,
It looks like an ordinary TCP connection reset. In this case you'll hopefully find some additional information in your LTM log file. Keep an eye out for TCL related errors...
To capture SSL requests/responses I can recommend using Fiddler2. Fiddler2 is a free SSL-Inspection enabled Forward-Proxy (runs on your desktop) that lets you explore SSL protected HTTP communication. Give it a try, download and install this tool and don't forget to turn on SSL inspection within the Fiddler HTTPS Options. But I guess in your specific case Fiddler2 would also just see the connection reset?
Note: Keep in mind that the [HTTP::cookie httponly] command is relatively new. You have to use v11+ to use this command.
Cheers, Kai