PFortin93 · June 25, 2018 14:41
diff --git a/Site-CookieSecurer.irule b/Site-CookieSecurer.irule
 #Cookie Rewrite Rule
 #Used to enable secure cookie on response and disable on request, 
 #Allows client to see secure cookies while server sees standard cookie
 #Allows cookie security to only fire on specific set of domains
 #Array must be even number of domains for function to work
 #By Pierce Fortin [email protected]
 #12/12/2017 v 1.0 Original Cookie Rename Profile
 #6/18/2018 v 1.1 Replaced rename logic to instead be secure logic
 when RULE_INIT 
 {
 	set static::CookieDebugOn 0
 }
 when CLIENT_ACCEPTED 
 {
 	set logPrefix "[IP::client_addr]:[TCP::client_port]:CookieCOOKIE:\[HTTPS\]:\t"
 	if { $static::CookieDebugOn } { log local0. "$logPrefix: Client accepted" }
 }

 when HTTP_REQUEST {
 #Checks to see if request is a cookie domain
 	if { $static::CookieDebugOn } { log local0. "$logPrefix: ### Begin processing Incoming" }
 	set isCookieDomain 0
    array set CookieDomains 
    {
        "domain.com" 
        "Domain2.com"
    }
    foreach domain [array get CookieDomains]
    {
 		if { $static::CookieDebugOn } { log local0. "$logPrefix: Checking [HTTP::host] against $domain" }
        if { [string tolower [HTTP::host]] eq [string tolower $domain] } {
 			if { $static::CookieDebugOn } { log local0. "$logPrefix: Current request is an Cookie domain. Processing" }
        	set isCookieDomain 1
   		}
 	}

 #Enumerate cookies for debug purposes
 			if { $static::CookieDebugOn }{
 				foreach cookie [HTTP::cookie names] {
 				log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]"
 				}
 			}
 }


 when HTTP_RESPONSE {
 	if { $static::CookieDebugOn } { log local0. "$logPrefix: Processing Response" }
    if { $isCookieDomain eq 1 } {
 		if { $static::CookieDebugOn } { log local0. "$logPrefix: Current request is an Cookie domain. Rewriting cookie" }
   		foreach mycookie [HTTP::cookie names] {
   			 HTTP::cookie secure $mycookie enable
 			 HTTP::cookie httponly $mycookie enable
   		}
 	}
 	else {
 	if { $static::CookieDebugOn } { log local0. "$logPrefix: Current response is not an Cookie domain. Disabling STREAM" }
 	 #Enumerate cookies for debug purposes
 		if { $static::CookieDebugOn }{
 			foreach cookie [HTTP::cookie names] {
 			log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]"
 			}
 		}
 	}
 }
	#Cookie Rewrite Rule
	#Used to enable secure cookie on response and disable on request,
	#Allows client to see secure cookies while server sees standard cookie
	#Allows cookie security to only fire on specific set of domains
	#Array must be even number of domains for function to work
	#By Pierce Fortin [email protected]
	#12/12/2017 v 1.0 Original Cookie Rename Profile
	#6/18/2018 v 1.1 Replaced rename logic to instead be secure logic
	when RULE_INIT
	{
	set static::CookieDebugOn 0
	}
	when CLIENT_ACCEPTED
	{
	set logPrefix "[IP::client_addr]:[TCP::client_port]:CookieCOOKIE:\[HTTPS\]:\t"
	if { $static::CookieDebugOn } { log local0. "$logPrefix: Client accepted" }
	}

	when HTTP_REQUEST {
	#Checks to see if request is a cookie domain
	if { $static::CookieDebugOn } { log local0. "$logPrefix: ### Begin processing Incoming" }
	set isCookieDomain 0
	array set CookieDomains
	{
	"domain.com"
	"Domain2.com"
	}
	foreach domain [array get CookieDomains]
	{
	if { $static::CookieDebugOn } { log local0. "$logPrefix: Checking [HTTP::host] against $domain" }
	if { [string tolower [HTTP::host]] eq [string tolower $domain] } {
	if { $static::CookieDebugOn } { log local0. "$logPrefix: Current request is an Cookie domain. Processing" }
	set isCookieDomain 1
	}
	}

	#Enumerate cookies for debug purposes
	if { $static::CookieDebugOn }{
	foreach cookie [HTTP::cookie names] {
	log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]"
	}
	}
	}


	when HTTP_RESPONSE {
	if { $static::CookieDebugOn } { log local0. "$logPrefix: Processing Response" }
	if { $isCookieDomain eq 1 } {
	if { $static::CookieDebugOn } { log local0. "$logPrefix: Current request is an Cookie domain. Rewriting cookie" }
	foreach mycookie [HTTP::cookie names] {
	HTTP::cookie secure $mycookie enable
	HTTP::cookie httponly $mycookie enable
	}
	}
	else {
	if { $static::CookieDebugOn } { log local0. "$logPrefix: Current response is not an Cookie domain. Disabling STREAM" }
	#Enumerate cookies for debug purposes
	if { $static::CookieDebugOn }{
	foreach cookie [HTTP::cookie names] {
	log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]"
	}
	}
	}
	}
No results found