fullhappy
-
Posts
5 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by fullhappy
-
-
There are indeed cookie security issues. 1. Httponly must have the function of enabling settings; 2. The secure attribute can also be set.
cookie security, client value is easy to be stolen and eavesdropped
in General
Posted
With regard to cookie security, client values are easy to be stolen and eavesdropped.
There is indeed a cookie security problem. Can you direct how to handle the following vulnerabilities.
1. How to set httponly? Is it set in the properties of servermodule?
2. How to include secure attribute in cookie?