News
  • Favorite
  • Facebook
  • Twitter
  • LinkedIn

Microsoft Press Pearson Education (InformIT)
Skip Navigation Links
Pearson Education (InformIT)
How to: Prevent hijack sessions attacks for ASP.NET Web Applications

What is hijack sessions attacks?

        In computer science, session hijacking refers to the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer.

Solution:

With ASP.Net 2.0, Forms Authentication cookie is not available to client side script to prevent XSS. Check this http://msdn.microsoft.com/en-us/netframework/aa497240.aspx

You can also mark all cookies as HttpOnly cookies using the configuration file by adding the following code under the <system.web> configuration section

<httpCookies httpOnlyCookies="true"/>

(306) Comments

Blog Message http://doum911.com

Would love to constantly get updated outstanding website !.


Blog Message http://buttonbaboon8.tribunablog.com/online-shopping-for-clothing-5-advantages-1616684

I think this is a real great blog post.Much thanks again. Really Great.


Blog Message http://android-bazes.ru/user/nounkfeendy331/

I think this is a real great post. Great.


Blog Message http://www.italianfoodcateringorangecounty.com

wow, awesome post.Thanks Again. Keep writing.


Blog Message https://www.warriorforum.com/members/tsx.html

Thank you for your article. Really Great.


Blog Message http://www.portfoliogen.com/wasserkocher

Thank you ever so for you article.Really thank you! Will read on...


Blog Message http://mychildmindinstitute.science/story/38888

Great, thanks for sharing this blog.Really looking forward to read more. Fantastic.


Blog Message http://forum.mmmnigeriaonline.com/discussion/123/easy-strategies-to-find-job-vacancies?new=1

Enjoyed every bit of your blog post.Really looking forward to read more. Cool.


Blog Message http://www.cgriver.com/forum/member.php?657900-maryxecax1

Very good blog article.Really looking forward to read more. Cool.


Blog Message http://www.tracfab.com

Wow, awesome blog layout! How lengthy have you been blogging for? you make blogging glance easy. The full glance of your web site is magnificent, let alone the content!


Blog Message http://www.porntype.com

Im thankful for the article.Much thanks again. Awesome.


Blog Message http://www.freeapkfiles.com/file-extension-apk-android-download-apk-games-apps/

Wow, marvelous blog format! How long have you ever been running a blog for? you made blogging glance easy. The overall look of your website is magnificent, let alone the content material!


Blog Message https://www.paydaypixie.co.uk/

This is one awesome blog.Much thanks again. Really Cool.


Blog Message http://dustjoke22.uzblog.net/great-and-bad-rap-music-1834368

Very good article.Much thanks again. Great.


Blog Message http://silverworkerss.info/story/20932

I really enjoy the post.Really looking forward to read more. Want more.

First Previous 1 2 3 4 5 6 7 8 9 10  ... Next Last 
Rating
Name
Email
Comment