仅Http和安全标志测试 [英] HttpOnly and Secure flag testing
问题描述
我已将我的应用程序下的web.config以下
I have set the following under web.config in my app
<system.web>
<httpCookies httpOnlyCookies="true" requireSSL="true" lockItem="true" />
<authentication mode="Forms">
<forms name="testweb" loginUrl="~/Login.aspx" defaultUrl="~/Default.aspx" requireSSL="true" slidingExpiration="true" enableCrossAppRedirects="false" cookieless="UseCookies" />
</authentication>
</system.web>
,现在我想,以确保配置是正确的。什么是测试的最简单方法既只允许HTTP和安全标志是否工作正常?
and now I want to ensure that the configuration is right. What's the easiest way to test that both http only and secure flag are working properly?
感谢
推荐答案
如果您要检查你的cookies是否设置既仅Http和安全,你可以在IE中使用任何开发工具或Firebug插件在你的配置是正确的Firefox浏览器。
your configuration is correct if you want to check whether your cookies are set with both httponly and secure you can use either Developer tools in IE or FireBug add-on in Firefox.
火狐:只是一个插件,从萤火虫的这里,运行它,并头部到Cookie部分,只要您请求的网页,将提供所有的cookie信息。
FireFox: Just Add a plugin to Firebug from here, run it and head over to cookies section whenever you request a webpage it will provide all the cookie information.
Internet Explorer中:点击F12带来了IE浏览器的开发者工具,但调查关于cookies是littile棘手这里
Internet Explorer: clicking F12 brings the developer tools in IE but investigating about cookies is littile tricky here.
- 开启开发工具。
- 转至网络标签
- 单击开始捕获并导航到你的网站。
- 双击
- 同样要详细查看饼干标签将告诉你如何饼干是从Web服务器接收。确保所收到的cookie的方向。
通过IE
对你有兴趣在获取详细查看网址
这篇关于仅Http和安全标志测试的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!