How to disable httpOnlyCookies - asp.net

-

Scenario

HTTP only cookies cannot be read by client-side script therefore marking a cookie as HTTP only can provide an additional layer of protection against cross-site script attack.

Impact:

During Cross-Site scripting attack and attacker might easily access cookies and hijack the victim’s session.

Solution

You can disable the httpOnlyCookies on the web.config file. Open the web.config file and add the configuration on the httpCookies element like example below :


<system.web>

:

: 

<httpCookies httpOnlyCookies="false" requireSSL="false" domain="" />

:

:
 </system.web>




By
NOTE : – If You have Found this post Helpful, I will appreciate if you can Share it on Facebook, Twitter and Other Social Media Sites. Thanks =)

Popular posts from this blog

Example to disable save as certain file type in SSRS Report Viewer

-
Image
SQL Server Reporting Service(SSRS) is a full range of ready-to-use tools and services to help you create, deploy, and manage reports for your organization, as well as programming features that enable you to extend and customize your reporting functionality. The Report Viewer provide functionality to save the report as a pdf, word and also as a excel format. Sometime organization require this feature, sometime not. This is how to disable save as function in Report Viewer(SSRS). The example will invoke methode pre-render in Report Viewer Controller. The ASPX Page <%@ Register Assembly="AjaxControlToolkit" Namespace="AjaxControlToolkit" TagPrefix="asp" %> <%@ Register Assembly="Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"     Namespace="Microsoft.Reporting.WebForms" TagPrefix="rsweb" %> : : : <asp:ToolkitScriptManager ID="ToolkitScriptManager1" runat...
Read more

How to create DataGrid or GridView in JSP - Servlet

-
Image
Hi there, today I will like to share my knowledge on creating basic Datagrid in JSP. This is my solution but not a permanent solution in all other cases. Maybe you can enhance this code to achieve your own objective. In this tutorial, I will use basic servlet and JSP. Note: In this tutorial, I will use this library:- MySQL JDBC Driver JSTL 1.1 the project will run on source JDK 7 This is the database table DROP TABLE IF EXISTS `blogtest`.`usersprofile`; CREATE TABLE  `blogtest`.`usersprofile` (   `userid` varchar(30) NOT NULL,   `firstName` varchar(45) NOT NULL,   `lastName` varchar(45) NOT NULL,   `emailAddress` varchar(45) NOT NULL,   PRIMARY KEY (`userid`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; INSERT INTO `usersprofile` VALUES ('Ahmad','Ahmad','Ahmad','Ahmad@gmail.com'), ('Ahmad1','Ahmad1','Ahmad1','Ahmad1@gmail.com'), ('Ahmad10','Ahmad10','Ahmad10','Ahmad10@gmail.com'), ('Ahmad11...
Read more

Control Webpart Visible/Enable using macro in Kentico

-
Image
Simple post just to show how you can enable or visible the webpart in certain page. This is basically to avoid using many template. You can use only one template that have many webpart, and you can control visible/enable it using macro. Macro Code {% if(NodeAlias == "Search") {    return true; } else {  return false; } %} By Mohd Zulkamal NOTE : – If You have Found this post Helpful, I will appreciate if you can Share it on Facebook, Twitter and Other Social Media Sites. Thanks =)
Read more