BOUABRE_343008
Dec 05, 2017Nimbostratus
HTTPOnly "attribute and secure "attribute
Hello everyone
The report of my scan shows us the following errors: - "The cookie does not contain the" HTTPOnly "attribute." - "The cookie does not contain the" secure "attribute." I added the following irula that works very well: when HTTP_RESPONSE { foreach mycookie [HTTP :: cookie names] { HTTP :: cookie secure $ mycookie enable } }
But when I try to write the script secure cookie + httponly: when HTTP_RESPONSE { foreach mycookie [HTTP :: cookie names] { HTTP :: cookie secure $ mycookie enable HTTP :: httponly cookie $ mycookie enable } }
I have an error, can you help me?