ClearOS Documentation

×

Warning

0 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


'HttpOnly is an additional flag included in a Set-Cookie HTTP response header. If supported by the browser, using the HttpOnly flag when generating a cookie helps mitigate the risk of client side script accessing the protected cookie. If a browser that supports HttpOnly detects a cookie containing the HttpOnly flag, and client side script code attempts to read the cookie, the browser returns an empty string as the result. This causes the attack to fail by preventing the malicious (usually XSS) code from sending the data to an attacker's website.'

ClearCenter response

ClearCenter is currently investigating this claim.

Short response

ClearCenter is reviewing steps to tighten this concern with the Webconfig interface. Please check back for a resolution or statement at a later time.

Long response

ClearCenter is reviewing steps to tighten this concern with the Webconfig interface. Please check back for a resolution or statement at a later time.

Tracker Item: https://tracker.clearos.com/view.php?id=21711

Resolution

No resolution yet exists for this reported issue

content/en_us/kb_3rdparty_rapid_7_missing_httponly_flag_from_cookie.txt · Last modified: 2018/10/03 09:03 by dloper

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Akb_3rdparty_rapid_7_missing_httponly_flag_from_cookie&1568771391