Silverline WAF customers who have applications that include more than 256 cookies in HTTP Response/Request headers may experience blocked requests from their Web Application Firewall proxy.
Should you have any questions about this issue, please contact the SOC.
- Silverline WAF
- Silverline WAF policy limits to 256 cookies.
To view and confirm if you are experiencing the cookie limit issue, customers can log into their portal account and from the top menu, select Monitor & Analyze > WAF Violation Summary.
The violation will appear in the summary under the violations column. Customers can scroll down, locate and select the Modified domain cookie(s) category.
Once the selection is made, customers will see a listing of all the violations. They can select a violation to obtain more detail:
The following XML metadata will be generated, look for <too_many_cookies>1</too_many_cookies> to confirm the Cookie Limit in HTTP headers issue
<?xml version="1.0" encoding="UTF-8"?>
If you do run into this issue and would like it to be resolved, please open a ticket with the SOC, and provide the following information:
- Name of the WAF policy/policies
- Support ID of the violation related to <too_many_cookies>1</too_many_cookies> to confirm the behavior
The SOC will then tuned the WAF policy by disabling the check for the Modified Domain Cookie(s) module of the WAF policy.