开发者

mcafee scan comes with Encrypted SSL cookie error

I have this as a vulnerability issue in McAfee scan for my website (ASP.NET with VB.Net, IIS7, SQL Server 2008)-

Missing Secure Attribute in an Encrypted Session (SSL) Cookie.

开发者_如何学JAVA

What do i have to do to get rid of this vulnerability? please advice


its a level 1 alert, you would have to use a check in your application to determine if the request is https, and then set secure=true in the cookie.

Alternatively, you could assess if allowing this is inline with your company's policy and accept it in mcafee's panel.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜