Set HTTPOnly for Classic ASPSessionIDxxx cookie

Discussion in 'ASP General' started by Andrew, Jan 28, 2010.

  1. Andrew

    Andrew Guest

    Hi,

    A security audit company has advised that we should set the HTTPOnly
    attribute of the autogenerated ASPSessionID cookie in classic ASP.

    Although I can set this for cookies I create I can find no way to set this
    for the autogenerated cookie.

    Could anyone please advise if this is possible and point me in the direction
    of a fix?

    BR

    Andrew
    Andrew, Jan 28, 2010
    #1
    1. Advertising

  2. Andrew

    Bob Barrows Guest

    The answers you received when you posted this question 10 days ago will not
    have changed in that time.

    Andrew wrote:
    > Hi,
    >
    > A security audit company has advised that we should set the HTTPOnly
    > attribute of the autogenerated ASPSessionID cookie in classic ASP.
    >
    > Although I can set this for cookies I create I can find no way to set
    > this for the autogenerated cookie.
    >
    > Could anyone please advise if this is possible and point me in the
    > direction of a fix?
    >
    > BR
    >
    > Andrew


    --
    Microsoft MVP - ASP/ASP.NET - 2004-2007
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"
    Bob Barrows, Jan 28, 2010
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Adarsh Bhat
    Replies:
    2
    Views:
    1,611
    Adarsh Bhat
    Jul 14, 2006
  2. Replies:
    5
    Views:
    558
    Aaron Watters
    May 2, 2008
  3. Replies:
    2
    Views:
    461
  4. Andrew
    Replies:
    4
    Views:
    4,113
    Andrew
    Feb 15, 2010
  5. Phil Powell
    Replies:
    2
    Views:
    181
    Grant Wagner
    Sep 5, 2003
Loading...

Share This Page