System.Web.Configuration.HttpCookiesSection Class

Configures properties for cookies used by a Web application.

See Also: HttpCookiesSection Members


public sealed class HttpCookiesSection : System.Configuration.ConfigurationSection


The System.Web.Configuration.HttpCookiesSection class provides a way to programmatically access and modify the httpCookies section of a configuration file.

It defines the settings applied by default to all cookies issued by the application, unless the code issuing the cookie overrides them.

One objective of the httpCookies element is to support the use of HttpOnly cookies. HttpOnly cookies (cookies with the HttpOnly attribute) were introduced in Internet Explorer 6 to help mitigate the risk of cross-site scripting. The HttpOnly attribute prevents cookies from being accessed through client-side script. Any information contained in an HttpOnly cookie is less likely to be disclosed to a hacker or a malicious Web site. For more information, search MSDN ( for "HttpOnly."


The System.Web.Configuration.HttpCookiesSection can read and write information from and to the related section of the configuration file according to the section property System.Configuration.SectionInformation.AllowDefinition whose value is System.Configuration.ConfigurationAllowDefinition.Everywhere.


Namespace: System.Web.Configuration
Assembly: System.Web (in System.Web.dll)
Assembly Versions:
Since: .NET 2.0