Thomas Hop Posted September 4, 2023 Posted September 4, 2023 Hello, We recently have done a penetration test, which resulted in a few points that maybe are worth addressing. The two points we wondered if you could help us with are the following. We got a notice because there is no HTTPonly set on the cookies. We also got a notice because the SameSite attribute of cookies is not set. (see image) Is there a reason these are configured as is? Thanks in advance. Kind Regards, Thomas
Marc Posted September 5, 2023 Posted September 5, 2023 I have tagged our developers on this, so we can get an answer on that question for you Thomas Hop 1
Recommended Posts