How to: Prevent session hijacking attacks in ASP.NET Web Applications

What is a session hijacking attack?

In computer science, session hijacking refers to the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer.

Solution:

With ASP.NET 2.0, the Forms Authentication cookie is not available to client-side script, which keeps script injected through XSS from reading it. See http://msdn.microsoft.com/en-us/netframework/aa497240.aspx

You can also mark all cookies as HttpOnly using the configuration file, by adding the following element under the <system.web> configuration section:

<httpCookies httpOnlyCookies="true"/>
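To confirm the setting took effect, the Set-Cookie headers the application returns can be audited. The following is an added example, not code from the original post: the header values and the UserPrefs cookie are constructed samples, and the optional Secure check goes beyond the setting shown above.

```python
# Added example: audit Set-Cookie header values for required cookie flags.
# All header values below are constructed samples, not captured traffic.

def parse_set_cookie(header_value):
    """Return (cookie name, set of lower-cased attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in header_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive; values (path=/, expires=...) are ignored here.
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit_cookies(set_cookie_values, required=("HttpOnly",)):
    """Return {cookie name: [missing flags]} for every cookie lacking a required flag."""
    findings = {}
    for value in set_cookie_values:
        name, attrs = parse_set_cookie(value)
        missing = [flag for flag in required if flag.lower() not in attrs]
        if missing:
            findings[name] = missing
    return findings

# Constructed response headers before the configuration change:
# the application-set UserPrefs cookie is readable by script.
SAMPLE_BEFORE = [
    ".ASPXAUTH=constructed-ticket; path=/; HttpOnly",
    "UserPrefs=theme=dark; expires=Wed, 01 Jan 2031 00:00:00 GMT; path=/",
]

# Constructed response headers after adding httpOnlyCookies="true".
SAMPLE_AFTER = [
    ".ASPXAUTH=constructed-ticket; path=/; HttpOnly",
    "UserPrefs=theme=dark; expires=Wed, 01 Jan 2031 00:00:00 GMT; path=/; HttpOnly",
]

if __name__ == "__main__":
    print("before:", audit_cookies(SAMPLE_BEFORE))
    print("after: ", audit_cookies(SAMPLE_AFTER))
    # Stricter audit: also require Secure so cookies are not sent over plain HTTP.
    print("strict:", audit_cookies(SAMPLE_AFTER, required=("HttpOnly", "Secure")))
```
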
