question

adilahmed avatar image
0 Votes"
adilahmed asked Jerryzy edited

Path cookie attribute for Internet facing SharePoint Site

HI
I want to set Path attribute to cookie for our internet facing website, i already set cookie attribute below as secure
<httpCookies httpOnlyCookies="true" requireSSL="true" />

when i add path attribute our SharePoint site it not work it shows the message 'redirected too many times.'

Here i want to know in which scenario path attribute required?
Is this not set it has any security vulnerability to our site?

I check in browser developer tools there is Path value for cookies showing '/' root directory.

office-sharepoint-server-administrationoffice-sharepoint-server-developmentoffice-sharepoint-server-itpro
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Jerryzy avatar image
0 Votes"
Jerryzy answered Jerryzy edited

Hi @adilahmed,

The HTTP cookie is a small piece of data that a server sends to the user's web browser.

And the Path arrtribute for a Cookie indicates a URL path that must exist in the requested URL in order to send the Cookie header.

SharePoint send the Cookie and set Cookie Path as "/" which specify it use the currrent web application root directory to store the Cookie.

This is no need to set to another one, just leave it as defult "/" in SharePoint and it's no related to security vulnerability for site.

Here is a referfence about Http Cookie and Path Attribute for your reference:

Using HTTP cookies


Thanks
Best Regards




If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.