Setting HTTPONLY for CLASSIC ASP Session Cookie - URGENT HELP NEEDED PLEASE!!!
Posted
by E.Shafii
on Stack Overflow
See other posts from Stack Overflow
or by E.Shafii
Published on 2010-06-07T15:14:04Z
Indexed on
2010/06/07
21:52 UTC
Read the original article
Hit count: 707
Hello all,
Does anyone know exactly how to set HTTPONLY on classic ASP session cookies?
This is the final thing that's been flagged in a vulnerability scan and needs fixing ASAP, so any help is appreciated.
~~~A LITTLE MORE INFORMATION ON MY PROBLEM~~~
Can anyone please help me with this?
I need to know how to set HTTPONLY on the ASPSESSION cookie created by default from ASP & IIS.
This is the cookie automatically created by the server for all asp pages.
If needed i can set HTTPONLY on all cookie across the site.
Any help on how to do this would be massively appreciated.
Thanks
Thanks Elliott
© Stack Overflow or respective owner