Scenario 4: Modifying cookies only (HTTPResponse)

This scenario illustrates how to add, modify, and remove cookies in an HTTP Response. The XSLT in this example makes the following updates:

  • Adds a cookie called NEW_COOKIE.
  • Updates the EXISTING_COOKIE cookie domain to be domainB.com.
  • Removes the cookie called OLD_COOKIE.

Input documents

The following sample input documents are used for this scenario:

HTTP Response

<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponse>
	<ResponseLine>
		<Version>HTTP/1.1</Version>
		<StatusCode>503</StatusCode>
		<Reason>Service Unavailable</Reason>
	</ResponseLine>
	<Headers>
		<Header name="Date">Thu%2C%2016%20Sep%202010%2010
			%3A57%3A52%20GMT</Header>
		<Header name="Server">IBM_HTTP_Server</Header>
		<Header name="Content-Type">text%2Fhtml%3Bcharset%3DUTF-8</Header>
		<Header name="Content-Language">en-US</Header>
	</Headers>
	<Cookies>
		<Cookie name="EXISTING_COOKIE">
			<Value>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Value>
			<Path>/</Path>
			<Domain>domainA.com</Domain>
			<Expires>Wed, 09 Jun 2021 10:18:14 GMT</Expires>
			<Secure>1</Secure>
			<HTTPOnly>0</HTTPOnly>
		</Cookie>	
		<Cookie name="OLD_COOKIE">
			<Value>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Value>
			<Path>/</Path>
			<Domain>domainA.com</Domain>
			<Expires>Mon, 07 Jun 2021 11:18:21 GMT</Expires>
			<Secure>1</Secure>
			<HTTPOnly>0</HTTPOnly>
		</Cookie>
	</Cookies>
</HTTPResponse>

XSLT Rules

Note: These rules must be stored in an XSL document that is defined as a response resource with an associated POP. See Configuration.
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
	version="1.0">

	<!--Firstly, strip any space elements -->
	<xsl:strip-space elements="*" />
	
	<!-- 
		Perform a match on the root of the document. Output the required
		HTTPResponseChange elements and then process templates.	
	-->
		<xsl:template match="/">
			<HTTPResponseChange>
				<xsl:apply-templates />
			</HTTPResponseChange>
		</xsl:template>
	
	<!-- 
		Do nothing to the Version
	-->	
	<xsl:template match="//HTTPResponse/ResponseLine/Version" />

	<!-- 
		Do nothing to the StatusCode
	-->	
	<xsl:template match="//HTTPResponse/ResponseLine/StatusCode" />

	<!-- 
		Do nothing to the Reason
	-->	
	<xsl:template match="//HTTPResponse/ResponseLine/Reason" />

	<!-- 
		Do nothing to the Headers. 
	-->
	<xsl:template match="//HTTPResponse/Headers" />

	<!-- 
		Match on the Cookies. Add a new cookie called NEW_COOKIE if
		it does not exist.
	-->
	<xsl:template match="//HTTPResponse/Cookies">

	<xsl:choose>
		<xsl:when test="Cookie/@name=’NEW_COOKIE’" />
		<xsl:otherwise>
			<Cookie action="add" name="NEW_COOKIE">
				<Content>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Content>
				<Path>/</Path>
				<Domain>domainA.com</Domain>
				<Expires>Mon, 07 Jun 2021 10:12:14 GMT</Expires>
				<Secure>1</Secure>
				<HTTPOnly>0</HTTPOnly>
			</Cookie>
		</xsl:otherwise>
	</xsl:choose>

	<!-- Update the value of the EXISTING_COOKIE cookie -->
	<xsl:if test="Cookie/@name='EXISTING_COOKIE'">
		<Cookie action="update" name="EXISTING_COOKIE">
			<Domain>domainB.com</Domain>
		</Cookie>
	</xsl:if>

	<!-- Delete the OLD_COOKIE cookie -->
	<xsl:if test="Cookie/@name='OLD_COOKIE'">
		<Cookie action="remove" name="OLD_COOKIE" />
	</xsl:if>

	</xsl:template>
</xsl:stylesheet>

Output XML document

In this scenario, the following XML document is output from the XSL transformation. This document defines the changes for WebSEAL to perform on the original HTTP response.

<?xml version="1.0" encoding="UTF-8"?>
<HTTPResponseChange>
	<Cookie action="add" name="NEW_COOKIE">
		<Content>2_orQUNJCbjdxqIEdDPMXj31UiHMXuU3hRCUtpN7xe6J1xZhxt0</Content>
		<Path>/</Path>
		<Domain>domainA.com</Domain>
		<Expires>Mon, 07 Jun 2021 10:12:14 GMT</Expires>
		<Secure>1</Secure>
		<HTTPOnly>0</HTTPOnly>
	</Cookie>
	<Cookie action="update" name="EXISTING_COOKIE">
		<Domain>domainB.com</Domain>
	</Cookie>
	<Cookie action="remove" name="OLD_COOKIE"></Cookie>
</HTTPResponseChange>