

httpOnly configuration is causing 500 error

Question

Monday, April 10, 2017 5:42 PM

Hello

Running IIS 8.5 on Win2k12 R2.

Installed a web.config at C:\inetpub\wwwroot. The working contents are:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <defaultDocument>
      <files>
        <clear />
        <add value="default.aspx" />
        <add value="Default.htm" />
        <add value="Default.asp" />
        <add value="index.htm" />
        <add value="index.html" />
        <add value="iisstart.htm" />
      </files>
    </defaultDocument>
    <httpProtocol>
      <customHeaders>
        <add name="Strict-Transport-Security" value="max-age=31536000; includeSubdomains" />
        <add name="X-Frame-Options" value="SAMEORIGIN" />
        <add name="X-Xss-Protection" value="1; mode=block" />
        <add name="X-Content-Type-Options" value="nosniff" />
      </customHeaders>
    </httpProtocol>
    <httpErrors errorMode="Detailed" />
  </system.webServer>
</configuration>

When I add 

<httpCookies httpOnlyCookies="true" />

after <system.webServer> the server throws a 500 error.

When working, the content served is a Default.aspx page:

<%
Response.Cookies("LastVisit").Value = DateTime.Now.ToString()
Response.Cookies("LastVisit").Expires = DateTime.Now.AddDays(365)
%>

Hello there!


Any help would be appreciated.

All replies (2)

Tuesday, April 11, 2017 12:46 AM

When I add 

<httpCookies httpOnlyCookies="true" />

after <system.webServer> the server throws a 500 error.

That is your problem - the httpCookies element goes inside <system.web>, not <system.webServer>.

https://msdn.microsoft.com/en-us/library/ms228262%28v=vs.100%29.aspx
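An added example, not part of the original thread: a small Python check that parses a web.config and reports where `httpCookies` sits and whether `httpOnlyCookies` is enabled. The two embedded configs are constructed, trimmed-down versions of the file in the question, and the function name `audit_http_cookies` is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the placement from the question (under system.webServer).
BROKEN = """<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <httpCookies httpOnlyCookies="true" />
    <httpErrors errorMode="Detailed" />
  </system.webServer>
</configuration>"""

# Constructed sample: the placement the reply describes (under system.web).
FIXED = """<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <httpCookies httpOnlyCookies="true" />
  </system.web>
  <system.webServer>
    <httpErrors errorMode="Detailed" />
  </system.webServer>
</configuration>"""


def audit_http_cookies(web_config_xml):
    """Return a list of findings about httpCookies (empty list means OK)."""
    root = ET.fromstring(web_config_xml.encode("utf-8"))
    findings = []
    # Map each element to its parent so the report can name the section.
    parent_of = {child: parent for parent in root.iter() for child in parent}
    cookies = list(root.iter("httpCookies"))
    if not cookies:
        findings.append("no httpCookies element: httpOnlyCookies is not set in this file")
    for el in cookies:
        parent = parent_of.get(el)
        parent_tag = parent.tag if parent is not None else "(root)"
        if parent_tag != "system.web":
            findings.append("httpCookies is under <%s>; it belongs under <system.web>" % parent_tag)
        elif el.get("httpOnlyCookies", "false").lower() != "true":
            # The attribute defaults to false when omitted.
            findings.append('httpOnlyCookies is not "true"')
    return findings


if __name__ == "__main__":
    for name, doc in (("BROKEN", BROKEN), ("FIXED", FIXED)):
        print(name, audit_http_cookies(doc) or "OK")
```

The setting only covers cookies issued through ASP.NET, such as the `LastVisit` cookie set by the Default.aspx page in the question.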


Tuesday, April 11, 2017 7:28 AM

Hi aswipsoft,

In addition, if you get a 500 internal error, enabling detailed error messages could provide more information, especially for an issue caused by a configuration file.

http://stackoverflow.com/questions/2640526/detailed-500-error-message-asp-iis-7-5

Best Regards,

Yuk Ding