Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > RequireSSL set to true, some cookies not marked as secure

Thread Tools

RequireSSL set to true, some cookies not marked as secure

Phil Johnson
Posts: n/a

I have an 3.5 website and need to ensure that all cookies are marked
as secure.

I set the following setting in the web.config file expecting all cookies to
be marked as secure but most are not. At a quick look it appears that only
the authentication cookie is marked as secure.

<httpCookies httpOnlyCookies="true" requireSSL="true" domain="" />

Does anybody know what I can do to make sure that all cookies are marked as
Secure? Ideally by using configuration.


Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Secure your digital information assets with Secure Auditor SecureWindows with Secure Auditor Cisco 0 04-14-2008 06:52 AM
User.Identity.IsAuthenticated and requireSSL=true TH ASP .Net Security 2 01-04-2007 10:40 PM
Forms Authentication and requireSSL, what's the recommended best practice mikemad ASP .Net Security 1 01-27-2005 03:45 AM
requireSSL not working on web site =?Utf-8?B?amF2YXRvcGlh?= ASP .Net 2 05-13-2004 04:33 AM