I am working on a MVC 4 web site, tester has informed me on Logout .ASPXAUTH cookies expired automatically but RequestVerificationToken_Lw cookies do not expires.
I am not sure is RequestVerificationToken_Lw suppose to expire on logout ? On logout user is returned to logon page which do not have Html.AntiForgeryToken() used in it. Any guidline please how I can set RequestVerificationToken_Lw to be expired on logout ?
Thanks for your help and guidance.
I just set this cookie to be expired as a normal cookie by setting its expiry date to -1d.