Hello,
To solve the Cookie Session Without 'Secure' Flag vulnerability, I found this tutorial. In the <system.web> element, I have following line:
<httpCookies httpOnlyCookies="true" requireSSL="true" domain="String" />
But why problem existed?
Thank you.