Jump to content
Welcome to our new Citrix community!

add SameSite flag to set-cookie

Moussa ML

Recommended Posts


I have already configured Secure and httpOnly flag in secure_cookie in the rewrite action (set-cookie). I want to add a new flag that is SameSite. How can I do this?


add rewrite action rw_act_cookie_Secure replace_all http.RES.full_Header "\"path=/; Secure; HttpOnly\"" -search "regex(re!(path=/\\; Secure; HttpOnly)|(path=/\\; Secure)|(path=/\\; HttpOnly)|(path=/)!)"

Thank you in advance.

Best Regards,



Link to comment
Share on other sites

  • 7 months later...

Hi Moussa, I realise the question is a bit old now, but for anyone else who comes here via a search engine, the question is back as Chrome is changing it's behaviour with SameSite cookies.

See https://support.citrix.com/article/CTX269469 Impact of SameSite Cookie on Citrix ADC After Chrome Upgrade


In case it the article disappears, the suggestion for a re-write is:

'...One can configure a response-based rewrite policy to look into “Set-cookie” header in the response sent by the backend server and append the “SameSite” cookie attribute. 

Sample rewrite policy looks like:

add rewrite action rewrite_http_header replace_all http.RES.full_Header "\"SameSite=None; Secure; path=/\"" -search "regex(re!(path=/\\; SameSite)|(path=/)!)"
add rewrite policy append_samesite_cookie "http.RES.HEADER(\"Set-Cookie\").EXISTS" rewrite_http_header

above rewrite policies needs to be bound application specific virtual server on Citrix ADC...'


The article goes on to cover an NetScaler generated cookie for COOKIEINSERT persistence.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...