How to secure the ASP.NET_SessionId cookie?

by

To add the ; secure suffix to the Set-Cookie http header I simply used the <httpCookies> element in the web.config:

<system.web>
  <httpCookies httpOnlyCookies="true" requireSSL="true" />
</system.web>

IMHO much more handy than writing code as in the article of Anubhav Goyal.

See: http://msdn.microsoft.com/en-us/library/ms228262(v=vs.100).aspx

More Related Contents:

  1. How to delete cookies on an ASP.NET website
  2. How to get Windows Explorer type look and feel inside my Application? [closed]
  3. Serializing a list to JSON
  4. Best way in asp.net to force https for an entire site?
  5. Entity Framework Refresh context? [closed]
  6. Can I get more than 1000 records from a DirectorySearcher?
  7. Clearing Page Cache in ASP.NET
  8. Are static methods thread safe
  9. prevent property from being serialized in web API
  10. Resizing an image in asp.net without losing the image quality
  11. ASP.NET MVC Global Variables
  12. Adding your own HtmlHelper in ASP.NET MVC 3
  13. Convert from binary data to an image control in ASP.NET
  14. Adding custom properties for each request in Application Insights metrics
  15. Get current System.Web.UI.Page from HttpContext?
  16. Windows Authentication and add Authorization Roles through database – MVC asp.net
  17. ASP.NET FileUpload in UpdatePanel – still not working
  18. How can I get the name of a variable passed into a function?
  19. Is csv with multi tabs/sheet possible?
  20. How to edit .csproj file
  21. POST string to ASP.NET Web Api application – returns null
  22. Creating a ASP.NET application converting text to speech
  23. Identity in ASP.Net Core 2.1< - Customize AccountController
  24. How to update querystring in C#?
  25. Read a Registry Key
  26. Find a control on a page with a master page
  27. Text on an Image button in c# asp.net 3.5
  28. Specify Date format in MVC5 (dd/MM/yyyy)
  29. Can’t find how to use HttpContent
  30. Amazon SES Email address is not verified

Leave a Comment