如何保护传统的ASP ASPSESSIONID饼干吗? [英] How to secure classic ASP ASPSESSIONID cookie?
问题描述
有没有一种方法,以纪念经典ASP ASPSESSIONID *饼干的安全吗?看来,ASP ISAPI处理程序补充说会话cookie我的网页做渲染所以把code。在我的网页端遍历是Response.Cookie收集和标记它们似乎是安全的,不要触摸后ASPSESSIONID *饼干。这样做的任何其他方式?
Is there a way to mark classic ASP ASPSESSIONID* cookies as secure? It appears that the ASP ISAPI handler adds that session id cookie after my page is done rendering so putting code at the end of my page to loop through the Response.Cookie collection and mark them as secure doesn't seem to touch the ASPSESSIONID* cookie. Any other way of doing this?
推荐答案
<击>答案是没有没有击>没有通过IIS管理器提供的标准UI。但是,您可以启用安全cookie通过的<一的的SessionID href=\"http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/0d49cbc8-10e1-4fa8-ba61-c34e524a3ae6.mspx?mfr=true\">AspKeepSessionIDSecure元数据库值
The answer is no there isn't There isn't on the standard UI provided by IIS manager. However, you can enable secure cookies for the SessionID via the AspKeepSessionIDSecure Metabase value
这篇关于如何保护传统的ASP ASPSESSIONID饼干吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!