A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.
Recommendations
Ensure that the HttpOnly flag is set for all cookies.
Evidence
This is the request where the cookie is returned:
The cookie is returned without the HttpOnly flag set: