Cookie Does Not Contain The "HTTPOnly" Attribute (Doc ID 3024880.1)

Last updated on MAY 30, 2024

Applies to:

Oracle Financial Services Compliance Studio - Version 8.1.2 and later
Information in this document applies to any platform.

Symptoms

Cookies without the "HTTPOnly" attribute are permitted to be accessed via JavaScript. Cross-site scripting attacks can steal cookies which could lead to user impersonation or compromise of the application account.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Cookie Does Not Contain The "HTTPOnly" Attribute (Doc ID 3024880.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!