Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Vulnerability according to audit for 'at_check' cookie

Avatar

Level 2

Hi Guys, Can i change the attribute of the cookie by Launch/At itself.


Vulnerability Category:
150121 Session Cookie (Authentication Related) Does Not Contain The "HTTPOnly" Attribute

150120 Session Cookie (Authentication Related) Does Not Contain The "secure" Attribute

 

According to the above comment received from audit, We want to add "HTTPOnly" and "secure" attribute to cookie.
Any suggestions are welcome. Thanks in advanced!
@shelly-goel @Amelia_Waliany 

1 Accepted Solution

Avatar

Correct answer by
Level 4

Is Adobe Target installed via Adobe Launch? If so, there are instructions at the documentation below. 

 

https://experienceleague.adobe.com/docs/analytics/implementation/vars/config-vars/writesecurecookies...

 

 

View solution in original post

3 Replies

Avatar

Correct answer by
Level 4

Is Adobe Target installed via Adobe Launch? If so, there are instructions at the documentation below. 

 

https://experienceleague.adobe.com/docs/analytics/implementation/vars/config-vars/writesecurecookies...

 

 

Avatar

Level 2
I have tried using above link. Still I can't see "secure" and "HTTPOnly" attributes on "at_check" cookie."

Avatar

Level 1

The above solution works for Adobe Analytics but it doesn't work for Adobe Target related cookies.

 

Thanks,

Darpan