Secure session cookies in ASP.NET over HTTPS

Question

I got a little curious after reading this /. article over hijacking HTTPS cookies. I tracked it down a bit, and a good resource I stumbled across lists a few ways to secure cook

Answer 1

The web.config setting to control this goes inside the System.Web element and looks like: