Back to Rules Directory
Security Vulnerability

Secure Cookies

What is this?

The Secure attribute keeps cookies to HTTPS only; HttpOnly hides them from client-side scripts. Together they stop XSS from stealing session tokens.

How Igris Radar detects it

The Igris Radar scanner automatically flags Secure Cookies during its comprehensive audit of your web property. We simulate real-world crawlers and attack vectors to find issues before they impact your business.

Scan your site for this issue