I am trying to get a new value for the Session Cookie for every new login. Basically, the value in the screenshot below should have a new random string every time a user logs in. This is to avoid Session Fixation.
I have tried the following :
On login :
Response.Cookies.Delete(".AspNetCore.Session");
HttpContext.Request.Cookies[".AspNetCore.Session"] = "123132" //does not allow to be set
On log out :
HttpContext.Session.Clear();
Response.Clear();
Session.Abandon() // Abandon is no longer available
But the value of the Session Cookie just does not change. Any guidance is greatly appreciated.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.