ssl security - How can I set the Secure flag on an ASP.NET Session Cookie?

Question

Welcome To Ask or Share your Answers For Others

ssl security - How can I set the Secure flag on an ASP.NET Session Cookie?

1 Reply

深蓝 · Answer 1 · 2021-10-17T00:08:50+0000

In the <system.web> element, add the following element:

<httpCookies requireSSL="true" />

However, if you have a <forms> element in your system.webauthentication block, then this will override the setting in httpCookies, setting it back to the default false.

In that case, you need to add the requireSSL="true" attribute to the forms element as well.

So you will end up with:

<system.web>
    <authentication mode="Forms">
        <forms requireSSL="true">
            <!-- forms content -->
        </forms>
    </authentication>
</system.web>

See here and here for MSDN documentation of these elements.

Categories

ssl security - How can I set the Secure flag on an ASP.NET Session Cookie?

ssl security - How can I set the Secure flag on an ASP.NET Session Cookie?

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags