Session Cookie (Authentication Related) Does Not Contain The "HTTPOnly" Attribute

Can someone help me in resolving a Qualys issue?

After a Qualys scan, there is an issue that says to add the HTTP Only flag. I have set the HTTP Only flag in the web.config of the ASP.NET application, but it doesn't resolve the issue. We are using Azure Active Directory (single sign-on) authentication.

I don't know where I can set the flag to true. Moreover, some blogs mention modifying NuGet packages. I have attached the screenshot. Please refer to it. Thanks in advance. Flags are: wlidperf, ESTSAUTHLIGHT, brcap, ch, clrc

Solution 1:[1]

You can change the settings related to HTTPS Only option under the following root inside your Azure Dashboard:

Settings - Custom Domains - HTTPS Only

However, you have to check your security options and configurations, because this can engender security-related problems later down the road.

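An added example, not part of the original question or answer: a small Python audit that reads captured `Set-Cookie` headers and lists the cookies lacking `HttpOnly` together with the host that set them, since a `web.config` setting can only affect cookies the application itself issues. The hosts, cookie values and the `AppPrefs` cookie are constructed; only the flagged cookie names come from the question.

```python
from urllib.parse import urlsplit

# Constructed capture: (response URL, Set-Cookie header values). Hosts, values
# and the AppPrefs cookie are made up; the flagged names come from the question.
CAPTURE = [
    ("https://app.example.test/signin-oidc", [
        "ASP.NET_SessionId=abc123; path=/; HttpOnly; SameSite=Lax",
        "AppPrefs=theme=dark; path=/; secure",
    ]),
    ("https://login.example.test/common/oauth2/authorize", [
        "ESTSAUTHLIGHT=+0000; path=/; secure; SameSite=None",
        "brcap=0; expires=Wed, 01 Jan 2031 00:00:00 GMT; path=/; secure",
        "wlidperf=FR=L&ST=1; domain=.example.test; path=/; secure",
    ]),
]

def parse_set_cookie(header):
    """Return (name, set of lower-cased attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive; values (if any) are dropped.
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit(capture, app_host):
    """List cookies missing HttpOnly and whether the app's own host set them."""
    findings = []
    for url, headers in capture:
        host = urlsplit(url).hostname
        for header in headers:
            name, attrs = parse_set_cookie(header)
            if "httponly" not in attrs:
                findings.append({
                    "cookie": name,
                    "set_by": host,
                    "own_app": host == app_host,
                    "secure": "secure" in attrs,
                })
    return findings

if __name__ == "__main__":
    for f in audit(CAPTURE, "app.example.test"):
        where = "fix in this app" if f["own_app"] else "set by another host"
        print(f"{f['cookie']:<16} {f['set_by']:<22} {where}")
```

Feed it the headers from your own browser or proxy capture of the sign-in flow; the `set_by` column shows which findings the application's configuration can change.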

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Mohi