stackoom
  简体   繁体   中英

Classic asp session cookie

 原文  2016-01-11 02:31:51       security/ cookies/ web-applications/ asp-classic/ session-cookies

Question

Does anyone know what marking the secure and path to a classic asp session cookie particularly when you try and access it.

I am assigning the domain to the fqdn and the path to whatever it is to the application. Can I not access the cookie from the look back 127.0.0.1 because the domain doesn't match?

1 answers

solution1
 0  2016-01-13 09:46:16

Cookies can only be accessed by the domain that has set it due to the Same Origin Policy .

Therefore a cookie set on example.com cannot be read by the loopback on 127.0.0.1 or anyother domain name or IP address, even if the IP address points to the same server.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How secure is ASP.NET Identity session cookie? How to synchronize lifetime of forms authentication cookie and Asp.Net Session? How can I access a TLS Session ID within an ASP.NET session? (To avoid BEAST cookie theft) Anti XSS and Classic ASP Classic ASP Hacks - Injection GET ContentType in Classic ASP OWASP in Classic ASP Codeigniter session cookie is secure or not? Can I make my ASP.NET FormsAuthentication cookie more secure by associating it with the session ID? Securing classic asp ajax call
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM