Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 4 > BOOK: Professional ASP.NET MVC 3
Password Reminder
Register
| FAQ | Members List | Search | Today's Posts | Mark Forums Read
BOOK: Professional ASP.NET MVC 3
This is the forum to discuss the Wrox book Professional ASP.NET MVC 3 by Jon Galloway, Phil Haack, Brad Wilson, K. Scott Allen; ISBN: 978-1-1180-7658-3
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Professional ASP.NET MVC 3 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old October 11th, 2011, 06:28 PM
Authorized User
Points: 108, Level: 2
Points: 108, Level: 2 Points: 108, Level: 2 Points: 108, Level: 2
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Nov 2007
Location: North Salem, NY, USA.
Posts: 23
Thanks: 3
Thanked 0 Times in 0 Posts
Default Preventing Cookie Theft, Chpt 7

I put the suggested line of code in the tutorial web config (p. 163). It shut down ability to log on. Is there more to do? Code is green because it is actually commented out in current web config.

<httpCookies domain="String" httpOnlyCookies="true" requireSSL="false"/>
  #2 (permalink)  
Old December 9th, 2011, 09:39 PM
Wrox Author
Points: 165, Level: 3
Points: 165, Level: 3 Points: 165, Level: 3 Points: 165, Level: 3
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Oct 2006
Location: San Diego, CA, USA
Posts: 36
Thanks: 1
Thanked 5 Times in 5 Posts
Default Problem is with the domain="String"

The problem isn't with httpOnlyCookies, it's the domain="String" part. That sets the authentication to a non-existing domain named "String"

That was unclear, and will be removed in the next update of the book.

Try
<httpCookies httpOnlyCookies="true" requireSSL="false" />
  #3 (permalink)  
Old December 10th, 2011, 07:28 AM
Authorized User
Points: 108, Level: 2
Points: 108, Level: 2 Points: 108, Level: 2 Points: 108, Level: 2
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Nov 2007
Location: North Salem, NY, USA.
Posts: 23
Thanks: 3
Thanked 0 Times in 0 Posts
Default Thank you, it works

Thank you, Mr. Galloway, it works.
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chpt 6 Exercise bopjo1 BOOK: Beginning PHP 6, Apache, MySQL 6 Web Development ISBN: 9780470391143 0 September 28th, 2010 07:06 PM
LinqforEntitiesCS - Chpt 1 Phils_UK BOOK: Professional ADO.NET 3.5 with LINQ and the Entity Framework ISBN: 978-0-470-22988-0 0 July 22nd, 2010 09:43 AM
Chpt 9 Reporting ZeroFactorial BOOK: ASP.NET 3.5 Enterprise Application Development with Visual Studio 2008: Problem Design Solutio 1 October 9th, 2009 02:50 PM
Preventing Hotlinking simtrade Classic ASP Professional 0 October 14th, 2005 05:06 PM
Chpt 3 Please Help Me! nmj001 BOOK: Beginning PHP4/PHP 5 ISBN: 978-0-7645-4364-7; v5 ISBN: 978-0-7645-5783-5 2 July 24th, 2003 10:52 PM



All times are GMT -4. The time now is 09:40 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.