How to rewrite cookie path with Azure Application Gateway rewrite rule

Rob Dickey 0 Reputation points
2024-05-03T19:29:22.65+00:00

I have a rewrite rule IF condition as follows. The apparent problem is the regex pattern is not matching as the action is never triggered. I've tested the pattern with multiple RE 2 interpreters and all state the regex is valid.

IF condition

And the Action as follows:

Note: Header Value is {http_resp_Set-Cookie_1}path=/newpath{http_resp_Set-Cookie_2}Action

Since the action is (apparently) never used I can only assume the syntax for the header value is correct.

Thanks for any assistance.

Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
1,071 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ChaitanyaNaykodi-MSFT 26,111 Reputation points Microsoft Employee
    2024-05-14T23:37:06.89+00:00

    @Rob Dickey

    I am just summarizing our discussion here for the community benefit.

    Based on your observation above you are hitting the limitation mentioned here

    If a response has more than one header with the same name, then rewriting the value of one of those headers will result in dropping the other headers in the response. This can usually happen with Set-Cookie header since you can have more than one Set-Cookie header in a response. One such scenario is when you're using an app service with an application gateway and have configured cookie-based session affinity on the application gateway. In this case the response will contain two Set-Cookie headers: one used by the app service, for example: Set-Cookie: ARRAffinity=ba127f1caf6ac822b2347cc18bba0364d699ca1ad44d20e0ec01ea80cda2a735;Path=/;HttpOnly;Domain=sitename.azurewebsites.net and another for application gateway affinity, for example, Set-Cookie: ApplicationGatewayAffinity=c1a2bd51lfd396387f96bl9cc3d2c516; Path=/. Rewriting one of the Set-Cookie headers in this scenario can result in removing the other Set-Cookie header from the response.

    IF condition applies to only the first Set-Cookie header coming in the response but the rewrite action will replace all of them with one Set-Cookie Header.

    It will help if you would upvote this features request related to this limitation here

    Hope this helps! Please let me know if you have any additional questions. Thank you!

    ​​Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.