Menu
▾
▴
Re: [webmin-l] Security scan result: Missing `httpOnly` Cookie Attribute and Missing `secure` Cookie Attribute
|
From: Andrey R. <anr...@ya...> - 2019-03-14 01:20:14
|
Greetings, Clement Ogedengbe! > The flaw is due to a cookie is not using the 'httpOnly' attribute. This > allows a cookie to be accessed by JavaScript which could lead to session > hijacking attacks. Only if you have installed an untrusted javascript on your webmin host. > Can someone please help with any idea about how to fix this: Working as intended, nothing to fix. -- With best regards, Andrey Repin Thursday, March 14, 2019 4:07:53 Sorry for my terrible english... |
