HttpCookiesSection.HttpOnlyCookies Property


This API supports the product infrastructure and is not intended to be used directly from your code.

Gets or sets a value indicating whether the support for the browser's HttpOnly cookie is enabled.

Namespace:   System.Web.Configuration
Assembly:  System.Web (in System.Web.dll)

[ConfigurationPropertyAttribute("httpOnlyCookies", DefaultValue = false)]
public bool HttpOnlyCookies { get; set; }

Property Value

Type: System.Boolean

true if support for the HttpOnly cookie is enabled; otherwise, false. The default is false.

The httpCookies element supports the use of HttpOnly cookies. HttpOnly cookies (cookies with the HttpOnly attribute) were introduced in Internet Explorer 6 to help mitigate the risk of cross-site scripting. The HttpOnly attribute prevents cookies from being accessed through client-side script. Any information contained in an HttpOnly cookie is less likely to be disclosed to a hacker or a malicious Web site. For more information, search MSDN ( for "HttpOnly."

The following code example shows how to use the HttpOnlyCookies property.

// Get the current HttpOnlyCookies.
Boolean httpOnlyCookiesValue = 

// Set the HttpOnlyCookies.
httpCookiesSection.HttpOnlyCookies = 

.NET Framework
Available since 2.0
Return to top