hasSetCookieOnResponseFilter Filter

Match responses whose Set-Cookie header issues a particular cookie or value, so you can audit logins, tracking, and consent flows.

Set-Cookie headers mark the moments where servers hand state back to the client: logins, consent flows, tracker drops, and more. The hasSetCookieOnResponseFilter gives you a precise hook on those moments so you can tag, strip, or audit cookies as soon as they are issued, without scanning the whole capture by hand.

When to use this filter

Reach for hasSetCookieOnResponseFilter when a rule should trigger on responses that issue a cookie. You can match any Set-Cookie header by leaving the name empty, narrow to a specific cookie name, and further refine by value with exact, contains, startsWith, endsWith, or regex operations.

Practical uses:

Catching the response that issues a session cookie at login, so you can tag the entire flow.
Auditing third party trackers that set cookies during a page load.
Forcing additional response headers on every login response to test browser behavior.

Real world examples

Tag responses that issue a session cookie

Mark every response that sets a session cookie so you can pinpoint authentication boundaries in the capture.

rules:
- filter:
    typeKind: HasSetCookieOnResponseFilter
    name: SESSIONID
    pattern: ''
    operation: Regex
  actions:
  - typeKind: ApplyTagAction
    tag:
      value: session-issued

Strip a tracking cookie from third party responses

Remove a known tracker cookie before it reaches the client.

rules:
- filter:
    typeKind: HasSetCookieOnResponseFilter
    name: _ga
    pattern: ''
    operation: Regex
  actions:
  - typeKind: RemoveResponseCookieAction
    name: _ga

Catch responses that set any cookie

Leave the name empty to match any Set-Cookie header, useful for auditing a session for unexpected cookie issuance.

rules:
- filter:
    typeKind: HasSetCookieOnResponseFilter
    name: ''
    pattern: ''
    operation: Regex
  actions:
  - typeKind: AddResponseHeaderAction
    headerName: x-cookie-audit
    headerValue: response-set-a-cookie

Reference

hasSetCookieOnResponseFilter

Description

Search for a cookie value present in a set-cookie header response.If cookie name is not defined or empty, the filter will returns any cookie having the value.

Evaluation scope

Evaluation scope defines the timing where this filter will be applied.

responseHeaderReceivedFromRemote This scope occurs the moment fluxzy has done parsing the response header.

YAML configuration name

hasSetCookieOnResponseFilter

Settings

The following table describes the customizable properties available for this filter:

Property	Type	Description	DefaultValue
name	string	Cookie name. Leave empty to match any cookies. This field is case sensitive
pattern	string	The string pattern to search
operation	exact \| contains \| startsWith \| endsWith \| regex	The search operation performed	contains
caseSensitive	boolean	true if the Search should be case sensitive	false
inverted	boolean	Negate the filter result	false

Example of usage

This filter has no specific usage example

.NET reference

View definition of HasSetCookieOnResponseFilter for .NET integration.

Frequently asked questions

Why is the name field case sensitive?

Cookie names are case sensitive in the HTTP specification, so the filter mirrors that behavior to avoid false matches between two different cookies that share a casing variation.

Can I match a cookie value without caring about the name?

Yes. Leave the name empty and provide a pattern with an operation other than empty regex. The filter then checks whether any Set-Cookie header in the response contains that value.

Does it run before or after the body arrives?

It is evaluated as soon as the response headers are parsed, so the filter fires before the body finishes streaming.

Learn more about Fluxzy rules

Rule file syntax reference Importing YAML rules into Fluxzy Desktop Using rule files with Fluxzy CLI

Browse all directives