httponly and secure not set for sub path cookie - General - our.umbraco.com

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Ian 32 posts 82 karma points

Jan 17, 2013 @ 10:38
0

HttpOnly and Secure not set for sub path cookie

General
I have the following in web.config...
```
<httpCookies httpOnlyCookies="true" requireSSL="true" />
```
These settings are being applied to my site's cookies correctly except for a cookie called 'UMB_PANEL' with a path of '/umbraco'. The other Umbraco cookies that I've seen with a path of '/' have their attributes set correctly.

I have tried adding a web.config file with duplicate settings into the '/umbraco' folder but it has no effect.

How can I get these cookie settings to apply to the whole site?
Copy Link
Ian 32 posts 82 karma points

Jan 17, 2013 @ 10:44

0

This is on version 4 or Umbraco.

Copy Link
Tom 161 posts 322 karma points

Aug 30, 2016 @ 17:06

0

Yes 4.6.2

Copy Link
is working on a reply...

Please Sign in or register to post replies

Write your reply to:

Editor

Preview

Draft