Error!
Success!

Submit a new Story Link

You've got a new story for us? Awesome! Just fill in the details below and fire away...

Protecting Your Cookies: HttpOnly

Edit your Story Link

Not quite right the first time? No problem, send us your changes...

Ban this user: Options

Please provide a reason for deleting this story
0
kicks

views: 0
comments: 0

Protecting Your Cookies: HttpOnly  (Unpublished)

HttpOnly cookies don't make you immune from XSS cookie theft, but they raise the bar considerably. It's practically free, a "set it and forget it" setting that's bound to become increasingly secure over time as more browsers follow the example of IE7 and implement client-side HttpOnly cookie security correctly. If you develop web applications, or you know anyone who develops web applications, make sure they know about HttpOnly cookies.originated from, so there is no cross-domain posting of the cookies.
more less
Kicked By:
Drop Kicked By:
0
none
views: 0  
comments: 0  
by (unknown)