Using the IIS7 Rewriting engine I have a rule which adds "; HttpOnly" to any response "Set-Cookie" headers that do not already have "HttpOnly" on.
I need to provide the same function on IIS6. Is this possible with IIRF?
Similarly I would like to strip the "Secure" option from any incoming cookies and add it to any outgoing "Set-Cookie" headers.
Is this also possible with IIRF?