How to handle the TLS cookie issue and possible best practices

Occasional Contributor

 

To handle the TLS cookie without secure flag set issue, we have implemented the below code in Global.asax file.

Session_Start(object sender, EventArgs e)

{

  if (Request.IsSecureConnection == true)

  {

    Response.Cookies["ASP.NET_SessionID"].SameSite = SameSiteMode.None;

    Response.Cookies["ASP.NET_SessionID"].Secure = true;

  }

}

With the above code, the issue mentioned is addressed, but they are not able to browse the other application in the same browser with different tab, which is configured in the same domain. Observed that site is not loading in the same browser.

Requesting can you please let me know possible best practices without impacting other components

0 Replies