Thomas Hop Posted September 4, 2023 Share Posted September 4, 2023 Hello, We recently have done a penetration test, which resulted in a few points that maybe are worth addressing. The two points we wondered if you could help us with are the following. We got a notice because there is no HTTPonly set on the cookies. We also got a notice because the SameSite attribute of cookies is not set. (see image) Is there a reason these are configured as is? Thanks in advance. Kind Regards, Thomas Link to comment Share on other sites More sharing options...
Marc Stridgen Posted September 5, 2023 Share Posted September 5, 2023 I have tagged our developers on this, so we can get an answer on that question for you Thomas Hop 1 Link to comment Share on other sites More sharing options...
Recommended Posts