<system.webServer>
<rewrite>
<outboundRules>
<rule name="Add
SameSite Cookie Flag to ArrAffinity cookie" enabled="true">
<match
serverVariable="RESPONSE_Set_Cookie" pattern=".*" />
<!--pattern="ARRAffinity=.*\/;.*"-->
<conditions>
<!-- <add input="{R:0}" pattern="SameSite=(Lax|Strict|None)"
ignoreCase="true" negate="true" /> -->
<add input="{R:0}" pattern="ARRAffinity=(.*)"
ignoreCase="true" negate="true" />
<add input="{HTTP_USER_AGENT}" pattern="Macintosh; Intel Mac
OS X 10_14.+Version/.*Safari" ignoreCase="true"
negate="true" />
<add input="{HTTP_USER_AGENT}" pattern="CPU iPhone OS
12" ignoreCase="true" negate="true" />
<add input="{HTTP_USER_AGENT}" pattern="iPad; CPU OS 12"
ignoreCase="true" negate="true" />
</conditions>
<action
type="Rewrite"
value="{HTTP_COOKIE};Path=/;HttpOnly;SameSite=None;secure" />
</rule>
</outboundRules>
</rewrite>
</system.webServer>
Credit to Clover Zhang @Microsoft.
No comments:
Post a Comment