How to: Prevent session hijacking attacks in ASP.NET Web Applications

What is a session hijacking attack?

In computer science, session hijacking refers to the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer.

Solution:

With ASP.NET 2.0, the Forms Authentication cookie is marked HttpOnly, so it is not available to client-side script and cannot be read by a script injected through XSS. See http://msdn.microsoft.com/en-us/netframework/aa497240.aspx

You can also mark all cookies as HttpOnly using the configuration file, by adding the following element under the <system.web> configuration section:

<httpCookies httpOnlyCookies="true"/>
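
To confirm the setting took effect, inspect the Set-Cookie headers the application returns. The Python check below is an added example, not code from the original post; the response headers are constructed sample data, the function names are hypothetical, and UserPrefs is an invented cookie standing in for one issued without the flag.

```python
# Added example: lists cookies in an HTTP response that lack the HttpOnly flag.
# The headers below are constructed sample data, not a captured response.
SAMPLE_RESPONSE_HEADERS = """\
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=constructedsessionvalue; path=/; HttpOnly
Set-Cookie: .ASPXAUTH=CONSTRUCTEDTICKET; path=/; httponly
Set-Cookie: UserPrefs=theme=dark; expires=Wed, 01-Jan-2030 00:00:00 GMT; path=/
"""


def parse_set_cookie(value):
    """Return (cookie name, set of lower-cased attribute names) for one header value."""
    parts = [p.strip() for p in value.split(";")]
    # The first segment is name=value; the value itself may contain '='.
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive, so compare them in lower case.
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def cookies_missing_httponly(raw_headers):
    """Return the names of cookies set without HttpOnly, in header order."""
    missing = []
    for line in raw_headers.splitlines():
        header, sep, value = line.partition(":")
        # Lines without a colon (the status line, blank lines) are skipped.
        if sep and header.strip().lower() == "set-cookie":
            name, attrs = parse_set_cookie(value)
            if "httponly" not in attrs:
                missing.append(name)
    return missing


if __name__ == "__main__":
    for cookie in cookies_missing_httponly(SAMPLE_RESPONSE_HEADERS):
        print("Cookie readable by client-side script:", cookie)
```

With httpOnlyCookies="true" applied, the list returned for the application's responses should be empty.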
