9 Replies Latest reply on Sep 23, 2014 3:19 AM by BKBK

    How to secure CFGLOBALS cookie

    Abdul L Koyappayil Level 1

      To secure CFGLOBALS  cookie I tried the following method as I did for CFID and CFTOKEN . But its not working for CFGLOBALS . Note that this method is working fine for CFID and CFTOKEN.


      <cfset cf_ssn_cookies = {httponly='true', secure='true'}>

      <cfapplication name="ABCD" clientmanagement="Yes" sessionmanagement="Yes" setclientcookies="Yes"sessioncookie=#cf_ssn_cookies#>


      Any idea why the HTTPOnly and SECURE flags are not setting up for CFGLOBALS cookie.