Cookie Security (HTTPOnly-/Secure-Flag)
sasl
Member ✭
Hi,
It would be nice if it is possible to set this for the cookies (Cookie Persistence).
Will this feature be available in one of the next releases?
RFC 6265 (Chapter: 4.1.2.6. The HttpOnly Attribute)
Regards
It would be nice if it is possible to set this for the cookies (Cookie Persistence).
Will this feature be available in one of the next releases?
RFC 6265 (Chapter: 4.1.2.6. The HttpOnly Attribute)
Regards
0
Comments
when HTTP_RESPONSE { if { [HTTP::header exists "Set-Cookie"] } { set cookie_value [HTTP::cookie "TestCookie"] HTTP::cookie remove "TestCookie" HTTP::header insert "Set-Cookie" "TestCookie=$cookie_value; HttpOnly" } }