Forum Discussion

BaltoStar_12467's avatar
Jul 12, 2014

BIG-IP : iRule fails to find cookie

In Google Advanced REST Client , I send my GET request with headers :

 

Cookie: special=1

My iRule has the following code :

 

when HTTP_REQUEST {
    set cookie_special [HTTP::cookie value "special"]
    log local0. "cookie_special = $cookie_special"

This logs as :

 

cookie_special = 

So apparently F5 is not finding a cookie named "special".

 

How can I further diagnose this issue ?

 

  • A few things:

    1. I'd makes sure you're actually sending a cookie. If you can tcpdump on the F5 external interface, set the -Xs0 flag to show the payload.

      tcpdump -lnni 0.0 -Xs0 host x.x.x.x
      
    2. Here's a really useful tool for analyzing request and response headers. You can see cookies with this as well.

      when HTTP_REQUEST {        
          foreach x [HTTP::header names] {
              log local0. "Request ($x) = [HTTP::header $x]"                
          }
      }
      when HTTP_RESPONSE {        
          foreach x [HTTP::header names] {
              log local0. "Response ($x) = [HTTP::header $x]"
          }
      }        
      
    3. You can use the [HTTP::header exists ] or [HTTP::cookie exists ] mechanisms to see if a cookie actually exists in a request:

      when HTTP_REQUEST {        
          if { [HTTP::cookie exists "mycookie"] } {            
              log local0. "mycookie exists: [HTTP::cookie value mycookie]"
          }
      }
      
  • Ok here is what I found out :

    [HTTP::cookie exists "mycookie"]
    

    is false - no cookie found. However :

    when HTTP_REQUEST { 
        foreach x [HTTP::header names] { 
            "log local0. Request ($x) = [HTTP::header $x]"
        } 
    }
    

    does include a header for a request cookie :

    Request (Cookie) = aCKE=c2735413-d64e-4778-81a5-3cd5e0cb0d37; tlrCKE=2014-07-12+23%3a26%3a04Z; ftc=x=07%2f13%2f2014+02%3a26%3a04&p1=120&p1q=404%253bhttp%253a%252f%252fwww.mydomain.com%253a2020%252fnatural-language-url-text&c=0; lsCKE=ors=identifier
    

    So apparently Google Advanced REST Client encrypts cookies by default ?

    and apparently these commands :

    [HTTP::cookie exists "mycookie" ] 
    [HTTP::cookie value "mycookie"] 
    

    will not find encrypted cookies ?

  • Cookie encryption does not usually include the name as well. What you see in this log is several different cookies (the browser will include all of the cookies in a single Cookie header, semicolon-delimited):

     

    aCKE=c2735413-d64e-4778-81a5-3cd5e0cb0d37;

     

    tlrCKE=2014-07-12+23%3a26%3a04Z;

     

    ftc=x=07%2f13%2f2014+02%3a26%3a04&

     

    p1=120&

     

    p1q=404%253bhttp%253a%252f%252fwww.mydomain.com%253a2020%252fnatural-language-url-text&

     

    c=0;

     

    lsCKE=ors=identifier

     

    I suppose it's possible that the name is also encrypted, but it seems pretty likely that the cookie you're looking for is not being sent by your REST client.

     

  • By the way, try this:

    when HTTP_REQUEST {
        if { [HTTP::cookie exists aCKE] } {
            log local. "Cookie (aCKE) = [HTTP::cookie value aCKE]"
        }
    }
    
  • You are correct - my cookie is not being sent.

     

    I closed all Chrome tabs, cleared my Chromes's cookies, and opened a new Goggle Advanced REST Client session, and submitted my request.

     

    The logged headers no longer includes Cookie.

     

    So now I am baffled -- how can I submit a test request to F5 that includes a Cookie ?

     

  • You can use a simple cURL command that sets a cookie header:

    curl -v http://x.x.x.x -H "Cookie: mycookie=1; yourcookie=2"    
    

    This sends two cookies in the request.