How can I set the Secure flag on an ASP.NET Session Cookie, so that it will only be transmitted over HTTPS and never over plain HTTP?
Things get messy quickly if you are talking about checked-in code in an enterprise environment. We've found that the best approach is to have the web.Release.config contain the following:
That way, developers are not affected (running in Debug), and only servers that get Release builds are requiring cookies to be SSL.
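A transform of the kind this answer describes, as an added example that is not the answer's original snippet: a `web.Release.config` that turns on `requireSSL` for `<httpCookies>` only when a Release build is published. It assumes the standard XDT config-transform pipeline and a base `web.config` that does not set `requireSSL`; adding `httpOnlyCookies` is an extra hardening choice made here, not something the answer mentions.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- web.Release.config (added example): applied on top of web.config for Release publishes only. -->
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <system.web>
    <!-- Create <httpCookies> if the base web.config has none, so the next transform has a target. -->
    <httpCookies xdt:Transform="InsertIfMissing" />
    <!-- requireSSL: cookies issued by the application, including ASP.NET_SessionId,
         carry the Secure attribute and are only sent back over HTTPS.
         httpOnlyCookies: the cookies are not readable from client-side script. -->
    <httpCookies requireSSL="true"
                 httpOnlyCookies="true"
                 xdt:Transform="SetAttributes(requireSSL,httpOnlyCookies)" />
  </system.web>
</configuration>
```

After deploying, confirm that the `Set-Cookie` response header for `ASP.NET_SessionId` includes `secure`. Any page still served over plain HTTP will no longer receive the session cookie from the browser, so sessions there will appear to reset on every request.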