Cookie Secure Flag
Description
When a cookie is set with the Secure flag, the browser is instructed to send that cookie only over encrypted SSL/TLS (HTTPS) connections. This is an important security protection for session cookies.
The Secure flag is an option that the application server can set when it sends a new cookie to the user in an HTTP response. Its purpose is to prevent unauthorized parties from observing the cookie while it is transmitted in clear text.
Risk
Without the Secure flag, it is possible to steal or manipulate sessions and cookies, which might then be used to impersonate a legitimate user, allowing the hacker to view or alter user records and to perform transactions as that user.
How to set Secure flag in Cookie
Set secure flag in Java
Set secure flag in ASP.NET
Set secure flag in PHP
Set secure flag in Apache