Bug ID 708720: Not all ASM cookies are sent with 'secure' flag when turning on dosl7.use_secure_cookies

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1,

Fixed In:

Opened: Mar 04, 2018

Severity: 4-Minor


When turning on dosl7.use_secure_cookies bigdb, all cookies set by DoSL7 are expected to be sent with the 'secure' flag. However, this is not the case for the TS_27 cookie: it is sent without the 'secure' flag.


TS_27 cookie is sent without the 'secure' flag.


1. Efoxy (persistent client identification) is on. 2. dosl7.use_secure_cookies bigdb is on.


There is no workaround other than to turn off efoxy.

Fix Information

DoSL7 cookies are now sent with the correct 'secure' flag.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips