Cookie.HTTP仅在传统ASP中
答
你可以自己发送HTTP头。或者尝试将其添加到路径属性。你可以写一个帮助函数来为你做。
http://www.asp101.com/tips/index.asp?id=160
Dim myCookie As HttpCookie
myCookie = New HttpCookie("LastVisit", DateTime.Now.ToString())
myCookie.Path += "; HttpOnly"
Response.AppendCookie(myCookie)
答
恐怕用Response.Cookies集合设置时仅Http将无法正常工作(它是推动我慢慢疯了!)。 由于vbscript(至少在我测试的服务器上)将字符编码分号。
相反,手动添加自己的头,例如:
Response.AddHeader "Set-Cookie", "YourCookieName=YourCookieValue; path=/; HttpOnly"
有一个类似的帖子在计算器叫:How exactly do you configure httpOnly Cookies in ASP Classic?
答
我编了微软的ISAPI筛选器的例子(http://msdn.microsoft.com/en-us/library/ms972826)。这解决了我的问题。
的ISAPI DLL是这里https://www.dropbox.com/s/e5mq749acms0rhx/HTTPOnly.dll?dl=0
随意下载。
答
Response.AddHeader "Set-Cookie", ""&CStr(Request.ServerVariables("HTTP_COOKIE"))&";path=/;HttpOnly"&""
答
古老的问题,但我不得不为自己的遗留应用程序弄清楚。
经典ASP的Response.Cookies
收集只是不会为加入HttpOnly
标签做的伎俩。你需要使用
Response.AddHeader("Set-Cookie", useful_value)
让这个工作。如果您尝试设置项目的路径属性Response.Cookies
集合在这样
Response.Cookies["stupid"].Path = "/; HttpOnly"
它有益URLEncodes分号,从而破坏路径。
所以,我撞了几个传统的ASP功能为目的,在与大家传统的ASP生活团结这里提供。
' given a Date item, return the text string suitable for a cookie's expires= field.
' For example: Tue, 02-Aug-2016 18:57:00 GMT
function RFC6265Date (inputDate)
' (we are on EST, Z-5, so offset the time. Classic ASP, no timezone support)
dim date: date = DateAdd("h",5,inputDate)
dim v : v = WeekdayName(Weekday(date),true) & ", "
v = v & Right("00" & Day(date), 2) & "-"
v = v & MonthName(Month(date),true) & "-" & Year(date) & " "
v = v & FormatDateTime(date,4) & ":00 GMT"
RFC6265Date = v
end function
' make cookie header value including various security items
function RFC6265CookieValue(name, val, inputDate, domain)
'name=tok=val&tok=val&tok=val; domain=.glance.net; expires=Tue, 02-Aug-2016 18:57:00 GMT; path=/; HttpOnly; secure
dim cv : cv = name & "="
cv = cv & val & "; "
if inputDate <> "" then
cv = cv & "expires=" & RFC6265Date(inputDate) & "; "
end if
if domain <> "" then
cv = cv & "domain=" & domain & "; "
end if
cv = cv & "path=/; HttpOnly; Secure"
RFC6265CookieValue = cv
end function
要使用此功能,这样称呼它
Response.AddHeader "Set-Cookie", _
RFC6265CookieValue(_
"cookiename", _
"size=big&flavor=chocolate+chip" _
DateAdd("yyyy", 1, Now()), domain), _
"example.com"
(经典ASP就像是迪斯科。一代人之后,它仍然吮吸)
+1,帮助代码我翻译成ASP :) – shahkalpesh 2009-06-29 14:52:58
你不能简单地将它添加到路径属性。这将被编码。 – 2012-10-22 01:49:51
这不是[标签:asp-classic],但它有2票,谁这样做? – Lankymart 2014-09-29 19:08:31