Hi, You could fix this with an acl to prevent adding the secure flag if one is present.
Baptiste Le 28 janv. 2014 12:09, "Ricardo" <[email protected]> a écrit : > Thanks, It works as expected. > > A a note, if the cookie have already the secure flag, with this rule, pass > to have two secure flags, but I don't have any issue with this behavior. > > Regards, > > > ---------------------------------------- > > Date: Sat, 25 Jan 2014 11:26:55 +0100 > > From: [email protected] > > To: [email protected] > > CC: [email protected] > > Subject: Re: Add secure to all cookies passed to the client > > > > Hi Ricardo, > > > > On Thu, Jan 09, 2014 at 10:35:46AM +0100, Ricardo wrote: > >> Whit this conf, the result of the cookies passed to the client is this: > >> > >> Set-Cookie: JSESSIONID=1EAA38A1BD418EB1A79DD64E1AE9A407; Path=/; > HttpOnly > >> Set-Cookie: WEBSERVERID=B|Us5p2|Us5p2; path=/ > >> > >> But I'm looking for secure this cookies in the haproxy:443. If I modify > the conf in the backend of this balancer with "cookie WEBSERVERID rewrite > secure", the result is the same. > >> > >> If I modify to "cookie WEBSERVERID insert secure", the result is this: > >> > >> Set-Cookie: JSESSIONID=1EAA38A1BD418EB1A79DD64E1AE9A407; Path=/; > HttpOnly > >> Set-Cookie: WEBSERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; > path=/; Secure > >> > >> But I'm looking for a complete rewrite of all cookies without loosing > information and with the secure option. Is it possible? > > > > What you're talking about is rewriting cookie headers sent by the > > server. In short, you want something like this to append "Secure" > > to the Server cookies : > > > > rspirep ^(set-cookie:.*) \1;\ Secure > > > > And of course you keep the "secure" flag on your "cookie" statements. > > > > Regards, > > Willy > > > > >
