1. Cookie analyzer
  • Look for invalid "domain" or path attribute
  • Look for invalid expiration timezone
  • Look for P3P policy errors or "unacceptable" tokens
2. HTTPLint
  • Warn on NTLM/Nego usage with Connection: Close
  • Warn on NTLM/Nego usage with HTTP/1.0
  • Warn on Expires > 1 year
  • Warn on max-age > Int32.MaxValue
  • Warn on headers >16k
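
The five HTTPLint warnings above, run over one raw response header block. This is an added example, not code from the original page, and it does not cover the cookie analyzer checks. Assumptions: the function name `lint_response`, the rule labels, and treating "NTLM/Nego usage" as a `WWW-Authenticate` challenge on the response are all hypothetical choices made for this sketch.

```python
import re
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

INT32_MAX = 2**31 - 1
MAX_HEADER_BYTES = 16 * 1024
CONN_AUTH = re.compile(r"(NTLM|Negotiate)\b", re.I)  # connection-bound schemes

def lint_response(raw: bytes, now: datetime) -> list:
    """Return the labels of the HTTPLint rules that one raw header block trips."""
    hits = []
    if len(raw) > MAX_HEADER_BYTES:
        hits.append("headers>16k")
    status, *lines = raw.decode("latin-1").split("\r\n")
    hdr = {}
    for line in lines:
        name, sep, value = line.partition(":")
        if sep:
            hdr.setdefault(name.strip().lower(), []).append(value.strip())
    if any(CONN_AUTH.match(v) for v in hdr.get("www-authenticate", [])):
        tokens = ",".join(hdr.get("connection", [])).lower().split(",")
        if "close" in [t.strip() for t in tokens]:
            hits.append("auth+connection-close")  # handshake cannot finish
        if status.startswith("HTTP/1.0"):
            hits.append("auth+http/1.0")
    for value in hdr.get("expires", []):
        try:
            when = parsedate_to_datetime(value)
        except (TypeError, ValueError):
            continue  # unparseable date (e.g. "0"); not this rule's concern
        if when.tzinfo is None:  # "-0000" parses as a naive datetime
            when = when.replace(tzinfo=timezone.utc)
        if when - now > timedelta(days=365):
            hits.append("expires>1y")
    for value in hdr.get("cache-control", []):
        m = re.search(r'max-age\s*=\s*"?(\d+)', value, re.I)
        if m and int(m.group(1)) > INT32_MAX:
            hits.append("max-age>int32")
    return hits

# Constructed sample responses (not captured traffic).
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
BAD = (b"HTTP/1.0 401 Unauthorized\r\nWWW-Authenticate: Negotiate\r\n"
       b"WWW-Authenticate: NTLM\r\nConnection: close\r\n"
       b"Expires: Fri, 01 Jan 2038 00:00:00 GMT\r\n"
       b"Cache-Control: max-age=4294967296\r\n\r\n")
GOOD = (b"HTTP/1.1 200 OK\r\nExpires: Mon, 01 Jul 2024 00:00:00 GMT\r\n"
        b"Cache-Control: max-age=3600\r\n\r\n")

if __name__ == "__main__":
    print(lint_response(BAD, NOW), lint_response(GOOD, NOW))
```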