Jerry Orman

Adventures in SharePoint
  • Jerry Orman

    Session loss after migrating to ASP.NET 2.0

    The HttpOnly attribute has been added to the Session cookie generated by ASP.NET 2.0. This value is hardcoded and cannot be changed via a setting in the application. While this is documented as a breaking change in the breaking changes document (linked...
  • Jerry Orman

    Another SSL Termination/Acceleration gotcha in 2.0

    In 1.1, we used the requireSSL attribute to ensure that the FormsAuthentication cookie has the secure attribute set. In 2.0, if you have requireSSL set, we'll remove the cookie from the incoming request if the web server receives the cookie over a non...
Page 1 of 1 (2 items)