ACOS 5.2.1-P7
  • Start Here
  • How to Use this Reference
  • Resources
  • Operations
  • Example API Configuration
  • Filters
  • Batching Requests
  • Status Codes
  • aam
  • access-list
  • accounting
  • acos-cloud-integration
  • acos-events
  • admin
  • admin-detail
  • admin-lockout
  • admin-session
  • allow-slb-cfg
  • application-type
  • audit
  • authentication
  • authorization
  • automatic-update
  • axdebug
  • backup
  • backup-periodic
  • banner
  • bgp
  • bios-prog
  • bootimage
  • call-home
  • cgnv6
  • chassis-application-type
  • class-list
  • clock
  • cloud-services
  • config-sync-status
  • debug
  • delete
  • disable-management
  • dnssec
  • domain-list
  • enable-core
  • enable-management
  • environment
  • event
  • event-notification
  • fail-safe
  • fan-speed
  • file
  • file-system
  • fw
  • glid
  • glm
  • gslb
  • harmony-controller
  • hd-monitor
  • health
  • hostname
  • hsm
  • import-periodic
  • interface
  • ip
  • ip-list
  • ipv4-in-ipv6
  • ipv6
  • ipv6-in-ipv4
  • key
  • ldap-server
  • license-manager
  • locale
  • logging
  • maximum-paths
  • merge-mode-add
  • mirror-port
  • misc
  • miscellenious-alb
  • monitor
  • multi-config
  • net-mgmt
  • netflow
  • network
  • ntp
  • ntp-status
  • object
  • object-group
  • overlay-mgmt-info
  • overlay-tunnel
  • partition
  • partition-all
  • partition-available-id
  • partition-group
  • pki
  • plat-buff-stats
  • plat-cpu-drop
  • plat-cpu-packet
  • radius-server
  • rate-limit
  • rba
  • remove-upgrade-lock
  • report
  • resource-track
  • route-map
  • router
  • rrd
  • rule-set
  • running-config
  • scaleout
  • scaleout-cgn
  • scm
  • sctp
  • service-partition
  • session-filter
  • sessions
  • sflow
  • single-board-mode
  • slb
  • smtp
  • snmp-server
  • so-counters
  • ssh-login-grace-time
  • syn-cookie
  • sys-audit-log
  • sys-ut
  • syslog
  • system
  • system-2x40g-mode
  • system-4x10g-mode
  • system-buff-debug
  • system-cpu
  • system-jumbo-global
  • system-view
  • tacacs-server
  • techreport
  • techsupport
  • template
  • terminal
  • tftp
  • threat-intel
  • timezone
  • traffic-control
  • vcs
  • vcs-chassis
  • vcs-vblades
  • version
  • visibility
  • vpn
  • vrrp-a
  • waf
    • waf
    • waf global
    • waf global stats
    • waf policy
    • waf template
    • waf template brute-force-protection
    • waf template cookie-security
      • cookie-security Specification
      • cookie-security attributes
        • set-cookie-policy
        • cookie-policy
    • waf template data-leak-prevention
    • waf template evasion-check
    • waf template form-protection
    • waf template http-limit-check
    • waf template http-protocol-check
    • waf template json-check
    • waf template request-check
    • waf template response-cloaking
    • waf template stats
    • waf template violation-log-mask
    • waf template xml-check
    • waf wsdl
    • waf xml-schema
  • web-category
  • web-service
  • zone
  • aam
  • access-list
  • active-partition
  • admin
  • admin-detail
  • admin-session
  • automatic-update
  • axdebug
  • backup
  • boot-block-fix
  • bootimage
  • cgnv6
  • chassis-info
  • chassis-infra
  • clock
  • cmcov
  • config-filter
  • config-sync-status
  • configure
  • copy
  • debug
  • delete
  • device-context
  • dnssec
  • enable-password
  • erase
  • export
  • file
  • file-system
  • fw
  • glm
  • gslb
  • harmony-controller
  • health
  • hotfix
  • import
  • interface
  • ip
  • ipv6
  • link
  • locale
  • logging
  • miscellenious-alb
  • multi-ctrl-cpu
  • network
  • ntp-status
  • overlay-tunnel
  • partition-all
  • partition-available-id
  • pki
  • plat-buff-stats
  • plat-cpu-drop
  • plat-cpu-packet
  • poap
  • reboot
  • reload
  • rename
  • report
  • restore
  • rrd
  • rule-set
  • scaleout
  • scm
  • sessions
  • set-product-id
  • shutdown
  • slb
  • sshd
  • ssl
  • sys-audit-log
  • sys-ut
  • syslog
  • system
  • system-big-buff-pool
  • system-cpu
  • system-reset
  • system-view
  • threat-intel
  • traffic-control
  • upgrade
  • vcs
  • vcs-chassis
  • version
  • visibility
  • vpn
  • vrrp-a
  • web-service
  • write
ACOS 5.2.1-P7
  • Docs »
  • waf »
  • waf template cookie-security
  • View page source

waf template cookie-security¶

Protections to secure cookies

cookie-security Specification¶

Parameter Value
Type Configuration Resource
Element Name cookie-security
Element URI /axapi/v3/waf/template/{name}/cookie-security
Element Attributes cookie-security_attributes
Partition Visibility shared
Schema cookie-security schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/waf/template/{name}/cookie-security

cookie-security attributes

Get Object

GET

/axapi/v3/waf/template/{name}/cookie-security

cookie-security attributes

Modify Object

POST

/axapi/v3/waf/template/{name}/cookie-security

cookie-security attributes

Replace Object

PUT

/axapi/v3/waf/template/{name}/cookie-security

cookie-security attributes

Delete Object

DELETE

/axapi/v3/waf/template/{name}/cookie-security

cookie-security attributes

cookie-security attributes¶

allow-missing-cookie

Description Allow requests with missing cookies

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

allow-unrecognized-cookie

Description Allow requests with unrecognized cookies

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cookie-policy

Type: List

enable-disable-action

Description ‘enable’: Enable cookie security (default); ‘disable’: Disable cookie security;

Type: string

Supported Values: enable, disable

Default: enable

set-cookie-policy

Type: List

tamper-protection-grace-period

Description Allow unrecognized cookies for a period of time after cookie encryption being applied (default 120 minutes)

Type: number

Range: 0-43200

Default: 120

tamper-protection-http-only

Description Add HttpOnly flag to cookies not in set-cookie-policy list (default on)

Type: boolean

Supported Values: true, false, 1, 0

Default: 1

tamper-protection-samesite

Description ‘none’: none; ‘lax’: lax; ‘strict’: strict;

Type: string

Supported Values: none, lax, strict

Default: none

tamper-protection-secret

Description Cookie encryption secret

Type: string

Format: password

Maximum Length: 128 characters

Maximum Length: 1 characters

tamper-protection-secret-encrypted

Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

tamper-protection-secure

Description Add Secure flag to cookies not in set-cookie-policy list (default on)

Type: boolean

Supported Values: true, false, 1, 0

Default: 1

tamper-protection-session-cookie-only

Description Only encrypt session cookies

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

tamper-protection-sign

Description Sign cookies

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: tamper-protection-sign and tamper-protection-encrypt are mutually exclusive

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

set-cookie-policy¶

Specification Value
Type list
Block object keys  

set-cookie-policy-allow

Description Allow the cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

set-cookie-policy-disallow

Description Block the cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

set-cookie-policy-http-only

Description Add HttpOnly flag to cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

set-cookie-policy-name

Description Name of cookie

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

set-cookie-policy-samesite

Description ‘none’: none; ‘lax’: lax; ‘strict’: strict;

Type: string

Supported Values: none, lax, strict

set-cookie-policy-secret

Description Cookie encryption secret

Type: string

Format: password

Maximum Length: 128 characters

Maximum Length: 1 characters

set-cookie-policy-secret-encrypted

Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

set-cookie-policy-secure

Description Add Secure flag to cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

set-cookie-policy-sign

Description Sign cookies

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: set-cookie-policy-sign and set-cookie-policy-encrypt are mutually exclusive

cookie-policy¶

Specification Value
Type list
Block object keys  

cookie-policy-allow

Description Allow the cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cookie-policy-disallow

Description Block the cookie

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

cookie-policy-name

Description Name of cookie

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

Next Previous

© Copyright 2023, A10 Networks

Built with Sphinx using a theme provided by Read the Docs.