Chad_Roberts_21
Jun 18, 2008Nimbostratus
Removing Duplicate Set-Cookie Definitions
Once again I come here with my hands open, hoping for someone to turn on the light over my head.
We've run into a scenario where our web servers sometimes send duplicate Set-Cookie definitions in the same transmission, and we would like to prevent this with the BIG-IPs. Using the Live HTTP Headers plugin in Firefox, we see it look something like this:
Set-Cookie: SESSIONID=AAAAABBBBBCCCCC; domain=.domain.com; path=/path/
Set-Cookie: SESSIONID=AAAAABBBBBCCCCC; domain=.domain.com; path=/path/
Set-Cookie: SESSIONID=AAAAABBBBBCCCCC; domain=.domain.com; path=/path/
In my example all values are the same, which is often the case, but sometimes they are not. We want to keep the last cookie definition and discard any previous one. What I want to prevent is having to use a variable to fetch the value and every possible attribute (domain, path, secure, httponly, etc), delete all of the cookie definitions, and redefine it again, as that seems like an awful lot of unnecessary processing. I'm looking for a way specifically to just delete the duplicates and leave the final one intact.
To make things interesting, I've noticed that HTTP::cookie definitions seem to work from the bottom up instead of from the top down, so a reference that will only match on one of them will match on the last one, complicating things a bit.
Do you have any suggestions?