Have all cookies from the application marked as secure and HttpOnly
In a internal review of web-applications our riscmanament suggests that all webapplications cookies must be marked being secure and HttpOnly.
Could that be possible?
4
votes
Rikard Edje
shared this idea