by Joe Lima
Feedback
|
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days):
54691/
197
|
|
|
Half-Baked Cookies |
The ASP session ID cookie, used by the Session object to maintain client state, is another dead giveaway:
Set-Cookie: ASPSESSIONIDQGQGGWFC=MGMLNKMDENPEOPIJHPOPEPPB; You can disable ASP Session State so that this cookie is not placed, but you lose the convenience of using the Session object to maintain client state. You could also create an ISAPI filter to change the names of any session ID cookie. On the other hand, ASP sessions are resource intensive, and turning them off improves the performance and scalability of your ASP application, while also helping to anonymize your server.
|
|
|
User Comments
No comments posted yet.
|
Product Spotlight
|
|