Setting HttpOnly flag in Classic ASP

Asked Apr 10 '12 at 06:18

Active Apr 10 '12 at 10:41

Viewed 3,011 times

I'm working on a legacy classic ASP using server side Java script application in which I need to set HttpOnly flag on cookies to make application cookies more secured so that they could not be accessed via script. I have tried several ways like (as given below) but it does not seem to work. Any suggestions, if possible with code examples, how to set HttpOnly flag in ASP classic application which is using java script for server side scripting.

I have already tried the following unsuccessfully:

Response.AddHeader("Set-Cookie", "TestC =  Y;HttpOnly");
Response.Cookies("TestC") = "Y;HttpOnly";

I need to code IIS6 and 7 both.

Thanks for any help.

edited Apr 10 '12 at 10:41

Guido Gautier

1,237
9
13

asked Apr 10 '12 at 06:18

A.R

1

Take a look at the answers from [this](http://stackoverflow.com/questions/1056654/cookie-httponly-in-classic-asp) and [this](http://stackoverflow.com/questions/55296/how-exactly-do-you-configure-httponly-cookies-in-asp-classic) SO question. – Guido Gautier Apr 10 '12 at 07:52
This http://stackoverflow.com/questions/1056654/cookie-httponly-in-classic-asp link should help you. – Ravi Vanapalli Apr 10 '12 at 13:52

Setting HttpOnly flag in Classic ASP

0 Answers0