1
 min read

Cookie Without Secure Flag

A cookie has been set without the secure flag, which means that the cookie can be accessed via unencrypted connections.

Summary

A cookie has been set without the secure flag, which means that the cookie can be accessed via unencrypted connections.

Risk

Low

Solution

Whenever a cookie contains sensitive information or is a session token, then it should always be passed using an encrypted channel. Ensure that the secure flag is set for cookies containing such sensitive information.

References

Let’s check and protect your website from hackers

Run our expert website security checkup and get your tailored security recommendations to protect your website.

Thank you for registering
Oops! Something went wrong.