ASP.NET

View All Threads First Prev Next

how to set ASP.NET_sessionId cookie as HTTPOnly smehta.er12-Feb-13 6:35 smehta.er 12-Feb-13 6:35  Hi, I have an ASP.NET 4.0 application where I am trying to make ASP.NET sessionId cookie as HTTPOnly. My web server has IIS7. I got the below solution from internet which did not work for me: <httpCookies httpOnlyCookies="true" requireSSL="true"/> I viewed cookies using Firebug where I observed that none of the cookies are HTTPOnly but they are secure. Any solution to make ASP.NET_SessionId cookie as HTTPOnly. Re: how to set ASP.NET_sessionId cookie as HTTPOnly Sandeep Mewara13-Feb-13 1:08 Sandeep Mewara 13-Feb-13 1:08  Via HTTPCookie object: C# myHttpOnlyCookie.HttpOnly = true; Read: MSDN: HttpCookie.HttpOnly Property[^] Via Response header: Set-Cookie: USER=123; expires=Wednesday, 09-Nov-99 23:12:40 GMT; HttpOnly Following blog will help: http://erlend.oftedal.no/blog/?blogid=33[^] Sandeep Mewara Microsoft ASP.NET MVP 2012 & 2013 [My Blog] [My Latest Post]: How to extend a WPF Textbox to Custom Picker

Last Visit: 31-Dec-99 18:00     Last Update: 10-May-24 14:58 Refresh 1

General    News    Suggestion    Question    Bug    Answer    Joke    Praise    Rant    Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.