1
Vote

Cookie httponly

description

The method SaveCultureCookie creates a cookie with the property httponly set to false. I think it's a good idea to set this to true (as default) or make it configurable within settings (backend). It's also possible to read the setting from web.config

comments