Set-Cookie/EN: Difference between revisions

From Siwecos
Line 1: Line 1:
=== <span style="color:#c31622">{{:{{PAGENAME}}/Headline}}<span>===
+
=== {{:{{PAGENAME}}/Headline}} ===
  
 
{| class="wikitable"
 
{| class="wikitable"
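Review bot: the removed heading line opens a colour span and then ends with a second `<span>` instead of `</span>`, so the old markup left the element unclosed. Dropping the inline style removes that defect, which is worth stating in the edit summary; if the coloured heading is still wanted, apply it through a stylesheet class rather than inline markup on each page.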

Revision as of 26 March 2019, 11:09

Check of Set-Cookie

Check: Cookies are not secured.

Description: Cookies should be secured by setting the HttpOnly and Secure flags to ensure they cannot be read or altered by others.

Background: Checks whether or not cookies are secured.

Consequence: Unsecured cookies can be altered or read through a man-in-the-middle attack.

Solution/Tips:

`HttpOnly` flag: set this so that cookies cannot be accessed by JavaScript. This protects session information from being stolen and misused. Whoever owns a session cookie is authenticated.

`Secure` flag: set this to ensure that cookies are only transmitted across encrypted (HTTPS) channels.
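
The check described above can be reproduced against captured response headers. The following Python sketch is an added example, not Siwecos scanner code; the function names and the sample headers are constructed for illustration, and it expects one string per `Set-Cookie` header line.

```python
"""Added example: flag Set-Cookie headers lacking HttpOnly or Secure."""

REQUIRED = ("httponly", "secure")


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attributes).

    Attributes are matched case-insensitively and only after the first
    ';', so a cookie *value* containing the text "secure" does not count.
    """
    first, _, rest = header_value.partition(";")
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest.split(";"):
        key, _, val = part.strip().partition("=")
        if key:
            attrs[key.lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookies(set_cookie_headers):
    """Return {cookie_name: [missing flags]} for cookies missing a flag."""
    findings = {}
    for header in set_cookie_headers:
        name, _, attrs = parse_set_cookie(header)
        missing = [flag for flag in REQUIRED if flag not in attrs]
        if missing:
            findings[name] = missing
    return findings


# Constructed sample response headers (one string per Set-Cookie line).
SAMPLE = [
    "SESSIONID=abc123; Path=/; HttpOnly; Secure; SameSite=Lax",
    "lang=en; Path=/; Expires=Wed, 26 Mar 2025 11:09:00 GMT",
    "theme=secure-dark; Path=/; secure",
    "token=xyz; HTTPONLY",
]

if __name__ == "__main__":
    for cookie, missing in audit_cookies(SAMPLE).items():
        print(f"{cookie}: missing {', '.join(missing)}")
```

Only `SESSIONID` passes; a header that passes the check looks like its line, with both flags present after the cookie value.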