How exactly do you configure httpOnly Cookies in ASP Classic?

Question

I\'m looking to implement httpOnly in my legacy ASP classic sites. Anyone knows how to do it?

Answer 1

Response.AddHeader "Set-Cookie", "mycookie=yo; HttpOnly"

Other options like expires, path and secure can be also added in this way. I don't know of any magical way to change your whole cookies collection, but I could be wrong about that.