I have a cookie that is NOT
HttpOnly Can I set this cookie to
HttpOnly attribute of the cookie, as that would otherwise defeat the meaning of
HttpOnly by just XSS and still have access to the cookie via JS and thus make the
HttpOnly on your cookie completely useless.
©2020 All rights reserved.