Diffstat (limited to 'doc/user/application_security/dast/checks/1004.1.md')
-rw-r--r-- | doc/user/application_security/dast/checks/1004.1.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/user/application_security/dast/checks/1004.1.md b/doc/user/application_security/dast/checks/1004.1.md index 72af1156b95..40139f2aa8a 100644 --- a/doc/user/application_security/dast/checks/1004.1.md +++ b/doc/user/application_security/dast/checks/1004.1.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w ## Description -The {cookie_name} cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set. +The cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set. To prevent JavaScript being able to access the cookie value - usually via `document.cookies` - all cookies that are used for authorization should have the `HttpOnly` attribute set. |
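Review bot: The unchanged context line directly after the rewritten sentence refers to `document.cookies`, but the DOM property is `document.cookie` (singular); since this hunk already touches the paragraph, correct it in the same change. Separately, with `{cookie_name}` removed the sentence now opens with "The cookie" and nothing in the visible description says which cookie is meant. Consider "A cookie was transmitted in a `Set-Cookie` header without the `HttpOnly` attribute set." so the text reads correctly on its own.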