Setting a Cookie with Secure and HTTPOnly
![[Deleted User]](https://we.vanillicon.com/v2/e139ae33e2c325a0dfbf935f7021d8f2.svg)
in aFleX
Posted by TODDH
We are in the process of going through some compliance audits, and the cookies that the load balancers use to return packets to specific servers can contain the “secure” attribute but we don’t have a way to include the “httponly” attribute. Is there a way with an aFlex to set both?
Thanks,
-Todd-
We are in the process of going through some compliance audits, and the cookies that the load balancers use to return packets to specific servers can contain the “secure” attribute but we don’t have a way to include the “httponly” attribute. Is there a way with an aFlex to set both?
Thanks,
-Todd-
0
Comments
if { [HTTP::header exists "Set-Cookie"] } {
set cookie_value [HTTP::cookie "persistcookie"]
HTTP::cookie remove "persistcookie"
HTTP::header insert "Set-Cookie" "persistcookie=$cookie_value;path=/; HttpOnly; Secure"
}
}