Jump to content
Welcome to our new Citrix community!

cross domain cookie

Or Shellyy

Recommended Posts


I need help with configuration cross domain cookie with Rewrite policy.

I use AAA Auth that I login but the iframe that inside the web not working, the cookie "NSC_TMAS"  didn't pass to the other domain and I get connected refuse.

I try to pass it and it didn't work I use in Action : "Type INSERT_HTTP_HEADER" , "Header Name set-cookie" , "Expression NSC_TMAS=; path=/; Max-Age=-1".

and Policy : "Undefined-Result Action -Global-undefined-result-action-" ,"Expression http.RES.HEADER("Set-Cookie").EXISTS"

and is not working. 

someone have any idea what can help me ?

Link to comment
Share on other sites

  • 3 weeks later...

If you set Max-Age to -1, the cookie is already expired and can't be used in any way. The browser won't store it. Max-Age is the time in seconds the browser will store the cookie. Try setting it to, let's say, 60?


I'm quoting https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie


Max-Age=<number> Optional

Indicates the number of seconds until the cookie expires. A zero or negative number will expire the cookie immediately. If both Expires and Max-Age are set, Max-Age has precedence.


Domain=<domain-value> Optional

Defines the host to which the cookie will be sent.

If omitted, this attribute defaults to the host of the current document URL, not including subdomains.

Contrary to earlier specifications, leading dots in domain names (.example.com) are ignored.

Multiple host/domain values are not allowed, but if a domain is specified, then subdomains are always included.

Probably, setting Domain would make a cookie available in different domains

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...