Bug ID 469627: When persistence is overriden from cookie to some other persistence method, the cookie should not be sent.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1

Fixed In:
11.6.0, 11.5.4 HF2

Opened: Jun 30, 2014
Severity: 3-Major

Symptoms

If cookie persistence is configured, then persistence cookies will be sent to the client. However, if the persistence profile is overridden by an iRule "persist" command, that cookie should not be sent.

Impact

1) Extra persistence cookies may be included in a response even if they are not required by the current persistence method. 2) Passive cookies may not be encrypted in some situations.

Conditions

1) A cookie persistence profile is used, and it is overridden to some other persistence method via an iRule. 2) Passive cookie persistence is used, the "always send" option is off, and cookie encryption is enabled.

Workaround

1) The extra cookie can be removed by an iRule. 2) Turn the "always send" option on if using passive persistence cookies.

Fix Information

1) Persistence cookies will not be inserted if the persistence method is changed from cookie persistence to some other persistence method. 2) Passive persistence cookies will be encrypted even if the "always send" option is off.

Behavior Change