web analytics
Using Cookies in ASP.NET Options
@2021-01-25 21:31:13

Secure cookies with web.config in .NET

<system.web>

<httpCookies httpOnlyCookies="true|false" requireSSL="true|false" domain=".domain.com" sameSite="None|Lax|Strict|Unspecified" />

</system.web>

When a cookie that has HttpOnlyCookies set to true is received by a compliant browser, it is inaccessible to client-side script.

Setting the sameSite attribute value to either of the Strict, Lax or None enumeration values will cause a SameSite attribute to be appended on all cookies of your application that are not Authentication or Session related. Cookies marked with SameSite=None will only be sent back to the server if marked as secure and if the connection between client and server is a secure connection.

Comments
You must Sign In to comment on this topic.


© 2021 Digcode.com