cookie设置HttpOnly、Secure属性
参考网址:https://www.cnblogs.com/Irving/archive/2013/03/08/2949106.html
c#
System.Web.Security.FormsAuthenticationTicket tk = new FormsAuthenticationTicket(1,
sUT.UserID.ToString(),
DateTime.Now,
DateTime.Now.AddDays(1),
true,
"",
System.Web.Security.FormsAuthentication.FormsCookiePath
);
string key = System.Web.Security.FormsAuthentication.Encrypt(tk); //得到加密后的身份验证票字串
HttpCookie ck = new HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName, key);
//ck.Domain = System.Web.Security.FormsAuthentication.CookieDomain; // 这句话在部署网站后有用,此为关系到同一个域名下面的多个站点是否能共享Cookie
ck.HttpOnly = true;//cookie添加HttpOnly属性
// ck.Secure = true;//cookie添加Secure安全验证
ck.Secure = FormsAuthentication.RequireSSL;//cookie添加Secure安全验证
HttpContext.Current.Response.Cookies.Add(ck);