Tag: Cookie HttpOnly

Cookie Not Marked as HttpOnly

HTTPOnly cookies cannot be read by client-side scripts, therefore marking a cookie as HTTPOnly can provide an additional layer of protection against cross-site scripting attacks. Solution <session-config> <cookie-config> <http-only>true</http-only> </cookie-config> </session-config> NarayanaswamyHello! I am Narayanaswamy founder and admin of narayanatutorial.com. I have been working in IT industry more than 7 years. NarayanaTutorial is my web […]