Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > RequireSSL set to true, some cookies not marked as secure

Reply
Thread Tools

RequireSSL set to true, some cookies not marked as secure

 
 
Phil Johnson
Guest
Posts: n/a
 
      10-28-2009
Hello,

I have an asp.net 3.5 website and need to ensure that all cookies are marked
as secure.

I set the following setting in the web.config file expecting all cookies to
be marked as secure but most are not. At a quick look it appears that only
the asp.net authentication cookie is marked as secure.

<httpCookies httpOnlyCookies="true" requireSSL="true" domain="" />

Does anybody know what I can do to make sure that all cookies are marked as
Secure? Ideally by using configuration.

Thanks,

Phil
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Secure your digital information assets with Secure Auditor SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:52 AM
User.Identity.IsAuthenticated and requireSSL=true TH ASP .Net Security 2 01-04-2007 10:40 PM
Forms Authentication and requireSSL, what's the recommended best practice mikemad ASP .Net Security 1 01-27-2005 03:45 AM
requireSSL not working on web site =?Utf-8?B?amF2YXRvcGlh?= ASP .Net 2 05-13-2004 04:33 AM



Advertisments