经典 ASP 中的 Cookie.HTTPOnly [英] Cookie.HTTPOnly in classic ASP

问题描述

如何在ASP中将一个页面中的所有cookie变量设置为HTTPOnly?

How to set all the cookie variables in a page to HTTPOnly in ASP?

推荐答案

我担心在设置 HttpOnly 时使用 Response.Cookies 集合将不起作用(它让我慢慢发疯！).由于 vbscript(至少在我正在测试的服务器上)将对分号进行字符编码.

I'm afraid using the Response.Cookies collection will not work when setting HttpOnly (it's been driving me slowly mad!). As vbscript (well at least on the server i'm testing on) will character encode the semicolon.

改为自己手动添加表头，例如:

Instead, add the header manually yourself, for example:

Response.AddHeader "Set-Cookie", "YourCookieName=YourCookieValue; path=/; HttpOnly" 

stackoverflow 上有一篇类似的帖子，名为:在 ASP Classic 中具体如何配置 httpOnly Cookie?

There is a similar post on stackoverflow called: How exactly do you configure httpOnly Cookies in ASP Classic?

这篇关于经典 ASP 中的 Cookie.HTTPOnly的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！