httponly

olejak · ‎07-21-2009

Hi,

I'm running a SA2500 with 6.4R1 and I was wondering if it's possible to force the SA to set all cookies to httponly?

Cheers

Ole

Cheers
Ole

Mrkool · ‎02-28-2008

not sure what you are asking in here. Are you trying to run your SSL vpn over port 80?

SA-6500 (7.0R6) Production
SA-6000 (7.0R6) Sudo Production
SA-2000 (7.1R4) Lab

olejak · ‎07-21-2009

When you use cookies it is possible to set a attribute that say httponly.

This means that client side Java script can't access the cookie.

I was just wondering if it is possible to force the SA to set this attribute on all cookies it uses.

Cheers

Ole

Cheers
Ole

muttbarker · ‎01-29-2008

No, don't believe that this is possible.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.

olejak · ‎07-21-2009

Is there anybody that can tell me with 100% certainty?

/Ole

Cheers
Ole

ESpa · ‎01-17-2009

Not possible:

http://kb.juniper.net/index?page=content&id=KB16127&cat=SA_5000&actp=LIST&showDraft=false

httponly

Re: httponly

Re: httponly

Re: httponly

Re: httponly

Re: httponly