Avatar

Level 2

Hi Guys, Can i change the attribute of the cookie by Launch/At itself.


Vulnerability Category:
150121 Session Cookie (Authentication Related) Does Not Contain The "HTTPOnly" Attribute

150120 Session Cookie (Authentication Related) Does Not Contain The "secure" Attribute

 

According to the above comment received from audit, We want to add "HTTPOnly" and "secure" attribute to cookie.
Any suggestions are welcome. Thanks in advanced!