RequireSSL set to true, some cookies not marked as secure

P

Phil Johnson

Hello,

I have an asp.net 3.5 website and need to ensure that all cookies are marked
as secure.

I set the following setting in the web.config file expecting all cookies to
be marked as secure but most are not. At a quick look it appears that only
the asp.net authentication cookie is marked as secure.

<httpCookies httpOnlyCookies="true" requireSSL="true" domain="" />

Does anybody know what I can do to make sure that all cookies are marked as
Secure? Ideally by using configuration.

Thanks,

Phil
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

User.Identity.IsAuthenticated and requireSSL=true 2
Cookies expire immediately, not when set to expire 2
Multiple cookies created 3
Forms authentication cookies not expiring... 2
section registered as allowdefinition Error and Secure Folder 0
ASP Cookies 2
Disappearing cookies after login.aspx 0
turning cookieless mode false for client browsers that do not accept cookies 2

Members online

No members online now.
Total: 56 (members: 0, guests: 56)
Robots: 416

Forum statistics

Threads
473,982
Messages
2,570,186
Members
46,740
Latest member
JudsonFrie

Latest Threads

Top