Cookie without Secure flag set

Description

This cookie does not have the Secure flag set. When a cookie is set with the Secure flag, it instructs the browser that the cookie can only be accessed over secure SSL channels. This is an important security protection for session cookies.

Remediation

If possible, you should set the Secure flag for this cookie.

Severity
Classification
Tags
  • Configuration