Adobe Target

Here is a list of all the Target Cookies:

• mbox (Stores anonymous identifiers)
• at_check (Temporary cookie to check cookie read/write capability)
• mboxEdgeCluster (This cookie is only present when/if overrideMboxEdgeServer setting is set to true)
• customerclientcode!mboxPC (This cookie is present when/if cross domain is enabled.)
• customerclientcode!mboxSession (This cookie is present when/if cross domain is enabled.)

"secure" can be enabled on all of these cookies using secureOnly: true configuration in at.js implementation. (See this KB.)

The two cookies below are already "HTTPOnly" out of the box:

• customerclientcode!mboxPC
• customerclientcode!mboxSession
  
  

It is not possible to use "HTTPOnly" on the three cookies below because at.js needs to read/write to these cookies:

• mbox
• at_check
• mboxEdgeCluster