Sachin Pakale
Reputation: 312
Another set-cookie attribute for secure flag
After adding the following tag in web.config
<httpCookies requireSSL="true" />I am getting "Set-Cookie:Secure" in every response header. But
I can see there are duplicate "Set-Cookie" attributes in the headers as below
IBM AppScan is raising an exception - Missing Secure Attribute in Encrypted Session (SSL) Cookie. I have gone through this question and RFC 6265 but I am not clear if a response header can have another "Set-Cookie" attribute for secure flag.
Upvotes: 0
Views: 1835
Answers (0)
Related Questions
- Cookies in Set-Cookie are being ignored by browser
- How to set cookie secure flag using javascript
- Application Insights secure cookies
- How to set secure flag in my cookie using ngx-cookie-service for Angular?
- Blazor Set-Cookie not effective
- how to set cookies as secure flag in spring boot
- IBM AppScan - Missing Secure Attribute in Encrypted Session (SSL) Cookie
- Cookie secure flag using javascript
- How can I make the Bluemix VCAP_ID cookie secure?
- how to set secure flag for cookies inplay 2.1.0