Scope:
This solution applies to all Barracuda Web Application Firewall 460 and above models.
Answer:
We have to configure a response rewrite rule on WAF to achieve this.
The Response rewrite rule should have this form:
Rule Name: change_cookie_path
Sequence Number: 1
Action: Rewrite Header
Header Name: Set-Cookie
Old Value = (.)*Path=/xxx(.)*
Rewrite Value: $1Path=/ext-prefix/xxx$2
Rewrite Condition: *
Important note:
- The $1 in rewrite condition will replace first occurrence of (.)* in the old value.
- The $2 in rewrite condition will replace second occurrence of (.)* in the old value.
- The ext-prefix value is the external URL that we need to add when cookie is going out of WAF
Example:
Set cookie done by the server: Set-Cookie: jsessionid=testing path=/xxx/dir1/
Set cookie sent by WAF after rewriting: Set-Cookie: jsessionid=testing path=/ext-prefix/xxx/dir1/
Set cookie done by the server: Set-Cookie: jsessionid=testing path=/xxx/dir1/
Set cookie sent by WAF after rewriting: Set-Cookie: jsessionid=testing path=/ext-prefix/xxx/dir1/