如何保护经典的ASP ASPSESSIONID cookie？ [英] How to secure classic ASP ASPSESSIONID cookie?

问题描述

有没有办法将经典的ASP ASPSESSIONID * Cookie标示为安全的？看起来ASP ISAPI处理程序在我的页面完成渲染后添加会话ID cookie，使代码放在我的页面的末尾循环通过Response.Cookie集合，并将它们标记为安全似乎没有触及ASPSESSIONID * cookie 。任何其他方式这样做？

Is there a way to mark classic ASP ASPSESSIONID* cookies as secure? It appears that the ASP ISAPI handler adds that session id cookie after my page is done rendering so putting code at the end of my page to loop through the Response.Cookie collection and mark them as secure doesn't seem to touch the ASPSESSIONID* cookie. Any other way of doing this?

推荐答案

答案是没有没有 t由IIS管理器提供的标准UI。不过，您可以通过 AspKeepSessionIDSecure 数据库值

The answer is no there isn't There isn't on the standard UI provided by IIS manager. However, you can enable secure cookies for the SessionID via the AspKeepSessionIDSecure Metabase value

这篇关于如何保护经典的ASP ASPSESSIONID cookie？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！