Pages tagged: Cookies

Ensuring samesite cookies with URL Rewrite

Published by

In this article, we will increase our websites level of protecting against Cross-Site Request Forgery and Cross-Site Script Inclusion attacks by appending an additional modifier to the Set-Cookie HTTP header.

Ensuring httpOnly cookies with URL Rewrite

Published by

In this article, I will give a brief overview of cookies, why we want them to be httpOnly and how we can ensure this via URL Rewrite. We will also be creating our first outbound rewrite rule with a pre-condition.