API tools faq
paste
Advertisement
keeganjacobson

Encrypt_HTTP_cookies_dynamic_v2

keeganjacobson
Oct 31st, 2017
185
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
TCL 1.94 KB | None | 0 0
raw download clone embed print report
  1. #Modified by Keegan Jacobson
  2. #Source https://devcentral.f5.com/codeshare?sid=500
  3.  
  4. when RULE_INIT {
  5.  
  6.     # Cookie name prefix
  7.     set static::ck_pattern "BIGipServer*"
  8.  
  9.     # Log debug to /var/log/ltm? 1=yes, 0=no)
  10.     set static::ck_debug 0
  11.  
  12.     # Cookie encryption passphrase
  13.     # Change this to a custom string!
  14.     set static::ck_pass "SET_COOKIE_HERE_LEAVE_THE_QUOTES_THOUGH"
  15. }
  16. when HTTP_REQUEST {
  17.  
  18.     if {$static::ck_debug}{log local0. "Request cookie names: [HTTP::cookie names]"}
  19.    
  20.     # Check if the cookie names in the request match our string glob pattern
  21.     if {[set cookie_names [lsearch -all -inline [HTTP::cookie names] $static::ck_pattern]] ne ""}{
  22.  
  23.         # We have at least one match so loop through the cookie(s) by name
  24.         if {$static::ck_debug}{log local0. "Matching cookie names: [HTTP::cookie names]"}
  25.         foreach cookie_name $cookie_names {
  26.            
  27.             # Decrypt the cookie value and check if the decryption failed (null return value)
  28.             if {[HTTP::cookie decrypt $cookie_name $static::ck_pass] eq ""}{
  29.  
  30.                 # Cookie wasn't encrypted, delete it
  31.                 if {$static::ck_debug}{log local0. "Removing cookie as decryption failed for $cookie_name"}
  32.                 HTTP::cookie remove $cookie_name
  33.             }
  34.         }
  35.         if {$static::ck_debug}{log local0. "Cookie header(s): [HTTP::header values Cookie]"}
  36.     }
  37. }
  38. when HTTP_RESPONSE {
  39.  
  40.     if {$static::ck_debug}{log local0. "Response cookie names: [HTTP::cookie names]"}
  41.    
  42.     # Check if the cookie names in the request match our string glob pattern
  43.     if {[set cookie_names [lsearch -all -inline [HTTP::cookie names] $static::ck_pattern]] ne ""}{
  44.        
  45.         # We have at least one match so loop through the cookie(s) by name
  46.         if {$static::ck_debug}{log local0. "Matching cookie names: [HTTP::cookie names]"}
  47.         foreach cookie_name $cookie_names {
  48.            
  49.             # Encrypt the cookie value
  50.             HTTP::cookie encrypt $cookie_name $static::ck_pass
  51.         }
  52.         if {$static::ck_debug}{log local0. "Set-Cookie header(s): [HTTP::header values Set-Cookie]"}
  53.     }
  54. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!