httpOnly attribute and Out of the box SharePoint workflow

HTTPOnlyCookies attribute is a good security control but if you enable it in SharePoint it will prevent or cause an error when you are creating out of the box SharePoint workflows.

Error :

“Application error when access /_layouts/15/CstWrkflIP.aspx, Error=Value cannot be null. ….”

Fix:

Remove this attribute httpOnlyCookies=”true” from web.config and accept the risk or extend the SharePoint web application and only remove it from internal access website.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s