Protecting Your Cookies: HttpOnly

blog
101

I’m a fan of HttpOnly

http://www.guidanceshare.com/wiki/ASP.NET_1.1_Security_Guidelines_-_Cross-Site_Scripting