7 lines
311 B
Plaintext
7 lines
311 B
Plaintext
== Ask Yourself Whether
|
|
|
|
* the cookie is sensitive, used to authenticate the user, for instance a _session-cookie_
|
|
* the ``++HttpOnly++`` attribute offer an additional protection (not the case for an _XSRF-TOKEN cookie_ / CSRF token for example)
|
|
|
|
There is a risk if you answered yes to any of those questions.
|