ORCID iDThis is a well known trick that I just wanted to share as it is so crucial in preventing effective XSS attacks in Internet Explorer (and hopefully soon FireFox).
Anyway, the method is simple, whack this under the <system.web> section of your web.config file:
<httpCookies httpOnlyCookies="true" requireSSL="false" domain="" />Tada!