HttpCookiesSection.HttpOnlyCookies Property

Definition

Namespace:

System.Web.Configuration

Assembly:

System.Web.dll

Gets or sets a value indicating whether the support for the browser's HttpOnly cookie is enabled.

This API supports the product infrastructure and is not intended to be used directly from your code.

public:
 property bool HttpOnlyCookies { bool get(); void set(bool value); };

[System.Configuration.ConfigurationProperty("httpOnlyCookies", DefaultValue=false)]
public bool HttpOnlyCookies { get; set; }

[<System.Configuration.ConfigurationProperty("httpOnlyCookies", DefaultValue=false)>]
member this.HttpOnlyCookies : bool with get, set

Public Property HttpOnlyCookies As Boolean

Property Value

Boolean

true if support for the HttpOnly cookie is enabled; otherwise, false. The default is false.

Attributes

ConfigurationPropertyAttribute

Examples

The following code example shows how to use the HttpOnlyCookies property.

// Get the current HttpOnlyCookies.
Boolean httpOnlyCookiesValue = 
    httpCookiesSection.HttpOnlyCookies;

// Set the HttpOnlyCookies.
httpCookiesSection.HttpOnlyCookies = 
    false;

' Get the current HttpOnlyCookies.
Dim httpOnlyCookiesValue As Boolean = _
httpCookiesSection.HttpOnlyCookies

' Set the HttpOnlyCookies.
httpCookiesSection.HttpOnlyCookies = _
False

Remarks

The httpCookies element supports the use of HttpOnly cookies. HttpOnly cookies (cookies with the HttpOnly attribute) were introduced in Internet Explorer 6 to help mitigate the risk of cross-site scripting. The HttpOnly attribute prevents cookies from being accessed through client-side script. Any information contained in an HttpOnly cookie is less likely to be disclosed to a hacker or a malicious Web site. For more information, search MSDN (msdn.microsoft.com) for "HttpOnly."

See also

• HttpCookie
• HttpCookieMode
• Introduction to ASP.NET Web Page State Management