Hello
Running IIS 8.5 on Win2k12 R2.
Installed a web.config at C:\inetpub\wwwroot. The working contents are:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="default.aspx" />
<add value="Default.htm" />
<add value="Default.asp" />
<add value="index.htm" />
<add value="index.html" />
<add value="iisstart.htm" />
</files>
</defaultDocument>
<httpProtocol>
<customHeaders>
<add name="Strict-Transport-Security" value="max-age=31536000; includeSubdomains" />
<add name="X-Frame-Options" value="SAMEORIGIN" />
<add name="X-Xss-Protection" value="1; mode=block" />
<add name="X-Content-Type-Options" value="nosniff" />
</customHeaders>
</httpProtocol>
<httpErrors errorMode="Detailed" />
</system.webServer>
</configuration>
When I add
<httpCookieshttpOnlyCookies="true"/>
after <system.webServer> the server throws a 500 error.
When working, the content served is a Default.aspx page:
<%
Response.Cookies("LastVisit").Value = DateTime.Now.ToString()
Response.Cookies("LastVisit").Expires = DateTime.Now.AddDays(365)
%>
Hello there!
**
Any help would be appreciated.