Highest Voted 'cookies' Questions - Server Fault Stack Exchange

38

votes

3 answers

How to rewrite the domain part of Set-Cookie in a nginx reverse proxy?

I have a simple nginx reverse proxy: server { server_name external.domain.com; location / { proxy_pass http://backend.int/; } } The problem is that Set-Cookie response headers contain ;Domain=backend.int, because the backend does not know…

asked Jun 08 '11 at 11:06

Tobia

1,143
1
12
19

26

votes

3 answers

Can subdomain.example.com set a cookie that can be read by example.com?

I simply cannot believe this is quite so hard to determine. Even having read the RFCs, it's not clear to me if a server at subdomain.example.com can set a cookie that can be read by example.com. subdomain.example.com can set a cookie whose Domain…

http cookies subdomain

asked Jun 22 '10 at 00:39

Evan Plaice

480
1
5
12

16

votes

4 answers

haproxy: how to prepare a server maintenance without kicking app sessions?

The issue I'm using haproxy to load balance web servers. I use session persistence with additional cookies as some applications use session files and these are not synchronized between servers. I want to disable a server for maintenance, but without…

haproxy maintenance cookies

asked Jul 15 '15 at 16:39

Christophe Drevet

1,962
2
17
25

11

votes

3 answers

Add samesite to cookies using Nginx as reverse proxy

With Nginx as reverse proxy, how do you add samesite=strict or samesite=lax to cookies?

nginx reverse-proxy rewrite cookies

asked May 13 '17 at 10:19

Dr.Haribo

213
1
2
6

11

votes

2 answers

Nginx - Serve static content from a cookieless domain

I'm using the "page speed" extension for Firebug to try to optimise a website and I'm currently working on the following suggestion: "Serve static content from a cookieless domain". I have created a separate sub-domain for some content so that I…

nginx http static-content cookies cookieless

asked Jul 14 '10 at 07:11

Tom

4,157
11
41
52

10

votes

8 answers

Servers harrassed by individual on constantly changing IPs

We run a community product. There is an individual (a little PoS kid) in the UK that is harassing our site for the last 6 months. His daily task is to create a new account, post a bunch of illegal / inflammatory content, get a rise out of people,…

security denial-of-service brute-force-attacks cookies

asked Feb 23 '10 at 23:20

Arronsky2

9

votes

2 answers

Is there a way to configure HAProxy to send traffic based on a cookie?

When configuring HAProxy, I would like to send traffic to certain servers based on the presence of a cookie. For example: There is a HAProxy server and 2 web servers (serverA and serverB). When someone logs in, a cookie is created…

haproxy cookies

asked Oct 16 '09 at 22:00

King

8

votes

1 answer

Date header returned by IIS7 is wrong

I am serving an ASP.NET application from IIS 7 but we are experiencing some weird cookie issues. The code works fine in other environments so we are assuming this is specific to this server (related question). We have been looking at the http…

iis asp.net cookies

asked Dec 30 '10 at 10:22

James Hollingworth

183
1
3

7

votes

2 answers

How cookies work with non persistance load balencers

We have a Drupal application that uses sso to log users in. We are using AWS classic load balancers (ELB), AWS is telling us that there is no session persistence on the ELB. What I am trying to figure out is how cookies work with non persistence on…

amazon-web-services cookies

asked Oct 17 '18 at 13:45

Donna Delour

414
5
10

6

votes

2 answers

How to make Varnish ignore, not delete cookies

I want to use Varnish to cache certain pages even in the presence of cookies. There are 3 possibilities that I need to take care of: An anonymous user is viewing some page A logged in user is viewing some page with light customization. These…

http cache varnish cookies http-cookie

asked Nov 24 '10 at 21:40

Jason Christa

622
4
11
21

6

votes

2 answers

How can I force Apache to not set cookies for subdomain?

I've set up a specific subdomain on my server for static content -- images.example.com I'd like to configure Apache to never let cookies be set on that domain. But I'm not sure where/how to do that. Please advise :-) Thanks!

apache-2.2 cookies

asked Mar 02 '10 at 18:55

Eric

5

votes

1 answer

Problems setting a cookie from a machine proxied by nginx

For a project of mine, I need to wire up a long chain of machines that are essentially proxying the HTTP requests for each other. It goes like this: Web client - A - B/C - D When a request is made from the browser, it first goes through a thin…

nginx proxy reverse-proxy cookies

asked May 16 '13 at 07:57

Preslav Rachev

151
1
1
4

5

votes

3 answers

Leverage proxy caching with nginx by removing Set-Cookie header

The following is a result of a bug within WebKit's Dev Tools used by Google Chrome and Apple's Safari. I have made a bug report with CrBug, who then identified the regression within WebKit Changeset 116952. I would like to thank @Grumpy and…

nginx cookies

asked Jan 03 '13 at 23:25

Mark Tomlin

620
3
10
23

5

votes

2 answers

Apache mod_header rule to change all cookies to secure

I would like to change all cookies to be secure and http-only. It works fine for one cookie, but doesn't work when multiple cookies are set in response. Apache mod_header rule should change cookies from: Set-Cookie cookie1=value; Path=/somePath…

apache-2.2 cookies

asked Feb 15 '11 at 14:12

Juraj

171
1
1
6

5

votes

2 answers

How to add recently set cookies to nginx's access log

I'd like to include cookie data in an nginx access log like so: (simplified example) log_format foo '$remote_addr "$request" $cookie_bar'; access_log /var/log/nginx/access.log foo; This works great on requests that already have a cookie "bar", but…

nginx log-files cookies

asked Jan 18 '11 at 00:18

etoleb

201
1
2
5

Questions tagged [cookies]