This match type matches on cookies received from the client (browser) in the Cookie header. The syntax for this match type is:

<match:cookie name="user_id" op="present" value="">
Match tag properties for match cookie are:
  • name: name of the cookie

    The name attribute of this match type allows for wildcard characters (*) that will match any character in a cookie name. In this feature, the wildcard will be “non-greedy” and will match zero or more characters. This was introduced in 4.4.


    • *sessionid* matches: sessionid, xxsessionid, sessionidyy, xxsessionidyy, etc.
    • *sessionid matches: sessionid and xxsessionid but not sessionidyy or xxsession- idyy.
    • sessionid* matches: sessionid and sessionidyy but not xxsessionid or xxsession- idyy.
    • * matches all cookie names.
    • *a*a*a* matches a cookie name that has three letter "a"s anywhere in it.

    If only one wildcard is used in a name and it's the last character, it would be equivalent to setting the name-prefix-match property to on and not using the wildcard character. In order to avoid any conflicts between name-prefix-match and the new wildcard support, the edge server will ignore the special meaning of wildcards in the cookie name when name-prefix-match is on and translate them literally as it does now (again, this is for backward compatibility).

    Given that browsers don't enforce any standards for cookie names, it's possible for sites to use the wildcard character as part of the name, however that's very unlikely. In order to support this corner case, users can “escape” the wildcard by using a backslash in front of the wildcard to mean a literal wildcard. In turn, if the backslash is part of the cookie name (again, very unlikely), users will have to escape the backslash by another backslash. The purpose of the backslash is to force the edge server to translate the character following it literally.

    • sessionid\* matches “sessionid*” exactly.
    • sessionid\*\\ matches “sessionid *\” exactly.
    • sessionid\** would match a cookie name that begins with “sessionid*”.
    • sessioni\d would match “sessionid” exactly. Notice that t his example es caped the letter 'd' which is not special. Edge ser vers will allow for this in case a user accidentally escapes a non-special character.
  • name-prefix-match: sets whether the string in “name” must match the cookie name exactly or be a prefix of the full cookie name. The property is a simple Boolean and defaults to “off ”. This is particularly useful for matching “sessionid” cookies, where the cookie name includes a unique string but has a constant prefix.
  • value: The full or partial value the cookie should have.
  • op: Match operation. Must be one of the following:
    • present: The given cookie name must be present in the HTTP headers.
    • missing: The given cookie name must not be present in the HTTP headers.
    • strcmp: The cookie must have exactly the given value.
    • strcasecmp: Same as strcmp but not case sensitive.
    • strstr: The cookie must have the given sub string (specified as the value).
    • strcasestr: same as strstr but not case sensitive.


    • Match only if a cookie named “session_id” exists:
      <match:cookie name="session_id" op="present" value="">
    • Match only if a cookie named “user_id” doesn't exist:
      <match:cookie name="user_id" op="missing" value="">
    • Match only if a cookie named “logged_in” is set to “yes”:
      <match:cookie name="logged_in" op="strcmp" value="yes">
    • Same thing matching “yes” case insensitively:
      <match:cookie name="logged_in" op="strcasecmp" value="yes">
    • Match only if a cookie named “cust_type” has “_vip_” somewhere within it:
      <match:cookie name="cust_type" op="strstr" value="_vip_">
    • Same thing matching “_vip_” case insensitively:
      <match:cookie name="cust_type" op="strcasestr" value="_vip_">