set httponly cookie #53
Description
cookies.permanent.encrypted[:remember_token] = { value: active_session.remember_token, httponly: true }
Someone can use 'document.cookies' and stole your cookie if you don't use httponly.
{{ message }}
cookies.permanent.encrypted[:remember_token] = { value: active_session.remember_token, httponly: true }
Someone can use 'document.cookies' and stole your cookie if you don't use httponly.