Hi,

I am trying all the cookies in one of the application secure. So far I have not found a way to do it. Closest one I have encountered so far is using Factory Configuration component or using SetCookie action. Below are the problem I have with both of them

  1. Factory Configuration: You can only make the cookies secure at platform level per environment. we cannot make it at certain application level
  2. SetCookie: we need to know all the cookies and then have that many number of action in preparation to make it secure.

One more possible solution I am thinking is creating a shared configuration in Factory configuration for making the cookie secure and apply that shared configuration to all the space of my application. Will this work? If yes will below XSL work?


<?xml version="1.0" encoding="UTF-8"?>

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

    <xsl:output method="xml" indent="yes" encoding="UTF-8"/>

    <xsl:template match="@*|node()">

        <xsl:copy>

            <xsl:apply-templates select="@*|node()"/>

        </xsl:copy>

    </xsl:template>

    <xsl:template match="/configuration">

        <xsl:copy>

            <xsl:apply-templates select="@*|node()"/>

            <location path="Solutions_List.aspx">

                <system.web>

                    <httpCookies requireSSL="true" />

                </system.web>

            </location>

            <location path="Extensions_List.aspx">

                <system.web>

                    <httpCookies requireSSL="true" />

                </system.web>

            </location>

            <location path="eSpaces_List.aspx">

                <system.web>

                    <httpCookies requireSSL="true" />

                </system.web>

            </location>

        </xsl:copy>

    </xsl:template>

</xsl:stylesheet>


Are there any other approach to make cookies secure on particular application.

Regards.

Prasad Rao wrote:

Hi,

I am trying all the cookies in one of the application secure. So far I have not found a way to do it. Closest one I have encountered so far is using Factory Configuration component or using SetCookie action. Below are the problem I have with both of them

  1. Factory Configuration: You can only make the cookies secure at platform level per environment. we cannot make it at certain application level
  2. SetCookie: we need to know all the cookies and then have that many number of action in preparation to make it secure.

One more possible solution I am thinking is creating a shared configuration in Factory configuration for making the cookie secure and apply that shared configuration to all the space of my application. Will this work? If yes will below XSL work?


<?xml version="1.0" encoding="UTF-8"?>

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

    <xsl:output method="xml" indent="yes" encoding="UTF-8"/>

    <xsl:template match="@*|node()">

        <xsl:copy>

            <xsl:apply-templates select="@*|node()"/>

        </xsl:copy>

    </xsl:template>

    <xsl:template match="/configuration">

        <xsl:copy>

            <xsl:apply-templates select="@*|node()"/>

            <location path="Solutions_List.aspx">

                <system.web>

                    <httpCookies requireSSL="true" />

                </system.web>

            </location>

            <location path="Extensions_List.aspx">

                <system.web>

                    <httpCookies requireSSL="true" />

                </system.web>

            </location>

            <location path="eSpaces_List.aspx">

                <system.web>

                    <httpCookies requireSSL="true" />

                </system.web>

            </location>

        </xsl:copy>

    </xsl:template>

</xsl:stylesheet>


Are there any other approach to make cookies secure on particular application.

Regards.

Hi,


One suggestion, you can create a "hidden" web page with this configuration and the application can read from this web page or can create the web page and create some actions to other applications read the configuration.


About XSL, i think this will work.


Cheers


Hi,

Making XSL did not work for me. I had to enable secure cookie in platform tab and republish my app, after this it worked. We did not take the route of setting each cookie secure through action because in future if platform changed and added one new cookie we have to change our application.

Regards.

Prasad