IIS 5 & IIS 6
Setting HTTPONLY for CLASSIC ASP Session Cookie - URGENT HELP NEEDED...
Re: Setting HTTPONLY for CLASSIC ASP Session Cookie - URGENT HELP NEE...
Mar 11, 2016 10:47 AM|Hulktheblaster|LINK
even i was facing the same problem but after i updated my web.config with your code above it started working, but when i am checking it in fiddler the cookie(ASPSESSIONID*) in login.asp response does not have HttpOnly attribute but all other page responses
has that attribute.
any help on this?
Thanks in advance.