Bug ID 880157: Unable to set SameSite attribute for AVR session cookie

Last Modified: Apr 01, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP AVR(all modules)

Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2

Opened: Feb 12, 2020
Severity: 3-Major

Symptoms

When trying to set the 'Samesite' attribute using a Local traffic policy according to https://devcentral.f5.com/s/articles/increased-security-with-first-party-cookies-30715, you are able to set the SameSite attribute for all cookies except for the AVR user session cookie.

Impact

Can't add SameSite attribute to AVR cookies.

Conditions

-- Use Google Chrome browser. -- Page load time or user sessions collecting in HTTP Analytics profile is checked for the related virtual server.

Workaround

None

Fix Information

None

Behavior Change