HttlOnly Flag for cookie
-
Session Cookie without HttpOnly flag set
Severity Low
Type Informational
Reported by module Crawler
Impact
Description
This cookie does not have the HTTPOnly flag set. When a cookie is set with the HTTPOnly flag, it instructs the browser
that the cookie can only be accessed by the server and not by client-side scripts. This is an important security protection
for session cookies.
None
Recommendation
If possible, you should set the HTTPOnly flag for this cookie.
Affected items
Details
/
Cookie name: “liked-)”
Cookie domain: “xxx”
- The topic ‘HttlOnly Flag for cookie’ is closed to new replies.
