We have a mandate to clear the error we are getting on our website when clicking some links, the error is, "the HttpOnly flag was not set on the '<cookie-name>' cookie." I have researched and see where users recommend adding the parameter below to one or any of the locations below. However, I have not had any luck adding it to any of those locations. This is a version2 .Net framework site so I have only made the following changes there.
<httpCookies httpOnlyCookies="true"/>
This parameter has been added to the website web.config - no luck
added to the windows\Microsoft.NET\Framework\v2.0.5.50727\CONFIG\web.config - no luck
added to the windows\Microsoft.NET\Framework64\v2.0.5.50727\CONFIG\web.config - no luck
added to the windows\Microsoft.NET\Framework\v2.0.5.50727\CONFIG\machine.config - no luck
added to the windows\Microsoft.NET\Framework64\v2.0.5.50727\CONFIG\machine.config - no luck there
I have NOT added to any other v4 framework versions since this site app pool is pointing to V2. Please reply with possible resolution. Thanks