Dear All,
One of my client to whom I have given asp.net web application and is hosted on HTTP in Abbys server, while going through the IT security check they provided me the list of issues in application as below.
Unencrypted login request.
Insufficient Authorization.
Cross site frogery
Medium --> Missing HttpOnly Attribute in Session cookie.
Please suggest me the solution for this, your help will be highly appreciated.
Thanks in Advanced.
Regards,
Manoj Gupta.