cancel
Showing results for 
Search instead for 
Did you mean: 

Http only flag set on applications cookies

draco
Nimbostratus
Nimbostratus

Hi All

 

If i set the http only attribute for the cookies learnt in the ASM policy, then when I access the web application, and inspect the same via browser, it should show that the cookie has http only attribute enabled??

1 REPLY 1

P_K
MVP
MVP

That is correct! You are basically forcing browser to access cookies via http and https by enabling httponly attribute in ASM.