This article is a part of our Web Security Knowledge Base (back to index)
ScanRepeat checks if the cookie containing a Session ID uses the “httponly” flag. It alerts every occurrence of the “httponly” flag being missing for the Session ID Cookie, providing its name and value.
Would you like to test your application now against this problem? Sign up for our free trialScan Your Web App Now