Last Modified: Sep 13, 2023
14.0.0, 184.108.40.206, 220.127.116.11
Opened: May 08, 2017 Severity: 3-Major
ASM cookies can be set with "secure" attribute on when BIG-IP works on SSL profile.
When working with encrypted network in the client side but clear network in the ASM virtual, cookies cannot be set with "secure" attributes.
Enabling ASM, network to BIG-IP without client-ssl.
There is no workaround at this time.
Added an internal parameter "assume_https", to decide always setting the "secure" attribute, even when the BIG-IP network is clear.