Bug ID 518283: Cookie rewrite mangles 'Set-Cookie' headers

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.6.0, 11.5.3, 11.5.2, 11.5.1, 11.4.1, 11.2.1

Fixed In:
11.6.0 HF6, 11.5.4

Opened: Apr 15, 2015
Severity: 3-Major
Related Article:
K16524

Symptoms

'Set-Cookie' headers are syntactically invalid.

Impact

'Set-Cookie' headers in the client side become syntactically invalid (two 'Path' values that can be contradictory, plus a broken 'Expires' string).

Conditions

Rewrite profile and 'Set-Cookie' header has 'Expires' attribute before 'Path' attribute.

Workaround

Put the 'Path' attribute before 'Expires' attribute.

Fix Information

The 'Expires' attribute is now properly parsed.

Behavior Change