SSL VPN
Reply
Visitor
olejak
Posts: 4
Registered: ‎07-21-2009
0

httponly

Hi,

 

I'm running a SA2500 with 6.4R1 and I was wondering if it's possible to force the SA to set all cookies to httponly?

 

Cheers

Ole

Cheers
Ole
Trusted Contributor
Mrkool
Posts: 252
Registered: ‎02-28-2008
0

Re: httponly

not sure what you are asking in here. Are you trying to run your SSL vpn over port 80?
SA-6500 (7.3R3) Production
MAG 4610 (7.4) Lab
Visitor
olejak
Posts: 4
Registered: ‎07-21-2009
0

Re: httponly

When you use cookies it is possible to set a attribute that say httponly.

 

This means that client side Java script can't access the cookie. 

 

I was just wondering if it is possible to force the SA to set this attribute on all cookies it uses.

 

Cheers

Ole

Cheers
Ole
Distinguished Expert
muttbarker
Posts: 2,379
Registered: ‎01-29-2008
0

Re: httponly

No, don't believe that this is possible.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Visitor
olejak
Posts: 4
Registered: ‎07-21-2009
0

Re: httponly

Is there anybody that can tell me with 100% certainty?

 

/Ole

Cheers
Ole
Regular Visitor
ESpa
Posts: 9
Registered: ‎01-17-2009
0
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.