response_cookie
Version: v2025-01-13 | Includes use: Yes |
---|
Behavior name: Set Response Cookie
Set a cookie to send downstream to the client with either a fixed value or a unique stamp.
Default behavior
These samples reflect the behavior's default settings. You can use these as is in your configurations or make adjustments based on the behavior's available options.
data "akamai_property_rules_builder" "response_cookie" {
rules_v2025_02_18 {
name = "Set Response Cookie"
comments = "Sets a cookie to send downstream to the client with either a fixed value or a unique stamp."
behavior {
response_cookie {
cookie_name = ""
enabled = true
type = "FIXED"
value = ""
default_domain = true
default_path = true
expires = "ON_BROWSER_CLOSE"
same_site = "DEFAULT"
secure = false
http_only = false
}
}
}
}
"behaviors": [
{
"name": "responseCookie",
"options": {
"cookiename": "",
"enabled": true,
"type": "FIXED",
"value": "",
"defaultDomain": true,
"defaultPath": true,
"expires": "ON_BROWSER_CLOSE",
"sameSite": "DEFAULT",
"secure": false,
"httpOnly": false
}
}
]
Options
Option | Description |
---|---|
cookie_name |
Specifies the name of the cookie, which serves as a key to determine if the cookie is set.
|
enabled |
Allows you to set a response cookie.
|
type |
What type of value to assign. Value is one of:
|
value |
The cookie value.
|
format |
Sets the date format. Value is one of:
|
default_domain |
When enabled, uses the default domain value, otherwise the set specified in the
domain field.
|
default_path |
When enabled, uses the default path value, otherwise the set specified in the
path field.
|
domain |
Sets the domain for which the cookie is valid. For example,
example.com makes the cookie valid for that hostname and all subdomains.
|
expires |
Sets various ways to specify when the cookie expires. Value is one of:
|
expiration_date |
If expires is set to
FIXED_DATE , this sets when the cookie expires as a UTC date and time.
|
expiration_date |
If expires is set to
FIXED_DATE , this sets when the cookie expires as a UTC date and time.
|
same_site |
This option controls the
SameSite cookie attribute that reduces the risk of cross-site request forgery attacks. Value is one of:
|
secure |
When enabled, sets the cookie's
Secure flag to transmit it with HTTPS .
|
http_only |
When enabled, includes the
HttpOnly attribute in the Set-Cookie response header to mitigate the risk of client-side scripts accessing the protected cookie, if the browser supports it.
|
Updated about 1 hour ago