IIS 5 & IIS 6
Setting HTTPONLY for CLASSIC ASP Session Cookie - URGENT HELP NEEDED...
Re: Setting HTTPONLY for CLASSIC ASP Session Cookie - URGENT HELP NEE...
Jan 10, 2012 07:23 PM|dushmantha|LINK
Pretty sure you have sorted this classic ASPSESSION cookie vulnerability issue. I am in a similar kind of situation and tried different things to make cookies secure, httponly but so far succeeded making other cookies Secure only. Could you let me know if
you sorted this please.