How to set the secure flag for the ECM cookie.

  • Updated

This is an example on how to set the secure flag for the ECM cookie. 

To properly secure the ECM cookie:

 

  1. Run your site in HTTPS 
  2. Create a Global.asax file in your site root.
  3. Place the following snippet of code in the  Application_EndRequest of the Global.asax file.

 

   void Application_EndRequest(object sender, EventArgs e)
    {
        for (int iloop = HttpContext.Current.Response.Cookies.Count - 1; iloop >= 0; iloop -= 1)
        {
            HttpCookie cookie = HttpContext.Current.Response.Cookies[iloop];
            if (cookie != null && cookie.Name == "ecm")
            {
                cookie.Secure = true;
            }
        }
    }