
Check of Set-Cookie

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive: Cookies are secured.
Result negative: Cookies are not secured.
Description: Cookies should be secured by setting the HttpOnly and Secure flags to ensure they cannot be read or altered by others.
Background: Checks whether or not cookies are secured.
Consequence: Unsecured cookies can be altered or read through a man-in-the-middle attack.
Solution/Tips: `httpOnly` flag: set this so that cookies cannot be accessed by JavaScript. This protects session information from being stolen and misused, because whoever owns a session cookie is authenticated.

`secure` flag: set this to ensure that cookies are only transmitted across encrypted (https) channels.
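
To verify a fix, the same check can be run against the `Set-Cookie` headers your own site returns. The following is an added example, not SIWECOS's scanner code; the function names and the sample headers are constructed for illustration. It parses the attributes properly instead of searching for substrings, so a cookie whose value merely contains the word "secure" is not counted as secured.

```python
# Added example: audit Set-Cookie header values for the HttpOnly and Secure flags.
# Function names and sample headers are constructed for illustration.

def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = header_value.split(";")
    # The first segment is always the cookie's own name=value pair.
    name = parts[0].split("=", 1)[0].strip()
    attrs = set()
    for part in parts[1:]:
        # Attribute names are case-insensitive (RFC 6265); any "=value" is
        # irrelevant for the two flag attributes, so only the name is kept.
        attr_name = part.split("=", 1)[0].strip().lower()
        if attr_name:
            attrs.add(attr_name)
    return name, attrs


def audit_cookies(set_cookie_values):
    """Return {cookie_name: [missing flags]} for every cookie lacking a flag."""
    findings = {}
    for value in set_cookie_values:
        name, attrs = parse_set_cookie(value)
        missing = [flag for flag in ("HttpOnly", "Secure")
                   if flag.lower() not in attrs]
        if missing:
            findings[name] = missing
    return findings


# Constructed sample response headers (not taken from a real site).
SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
    "lang=de; Path=/; Max-Age=3600",
    "cart=42; Path=/; secure",
    # A substring search would wrongly pass this one: the words appear in
    # the cookie value, not as attributes.
    "note=secure_httponly; Path=/",
]

if __name__ == "__main__":
    for cookie, missing in audit_cookies(SAMPLE_HEADERS).items():
        print(f"{cookie}: missing {', '.join(missing)}")
```
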