Thanks,
I will try this and let you know the results.
Much appreciated,
Duncan
On 1/10/2013 12:28 AM, Baptiste wrote:
Hi,
You can use the respirep feature:
rspirep ^Set-Cookie:\ (appsession.*) Set-Cookie:\ \1; HttpOnly
should do the trick.
It should even be compatible with NTLM.
Could you please give it a try and let me now if it works??
cheers
On Wed, Jan 9, 2013 at 12:51 PM, duncan hall <[email protected]> wrote:
For PCI compliance I need to add the httponly cookie attribute to the
appsession cookie set by IIS 6.0. Any thoughts on how I could accomplish the
rewriting of this cookie using haproxy?
Regards,
Duncan
