Martin Paul Eve bio photo

Martin Paul Eve

Professor of Literature, Technology and Publishing at Birkbeck, University of London

Email Books Twitter Github Stackoverflow MLA CORE Institutional Repo ORCID ID  ORCID iD Wikipedia Pictures for Re-Use

This is a well known trick that I just wanted to share as it is so crucial in preventing effective XSS attacks in Internet Explorer (and hopefully soon FireFox).

Anyway, the method is simple, whack this under the <system.web> section of your web.config file:

<httpCookies httpOnlyCookies="true" requireSSL="false" domain="" />