How to add the "HttpOnly" flag to the cookie (PHP)

The HttpOnly flag marks the cookie as accessible only through the HTTP protocol. This means that the cookie won't be accessible to scripting languages such as JavaScript. This setting can help reduce identity theft through XSS attacks (although it is not supported by all browsers).

Edit the PHP configuration file:

# vim /etc/php.ini

Add the following line inside the [Session] section:

session.cookie_httponly = True

Save the file and restart Apache.
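
One way to verify the change after the restart, as an added example that is not part of the original post: the first function checks that the setting is really active in a php.ini file, the second checks response headers for cookies set without HttpOnly. The function names and sample values are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# httponly_ini_enabled FILE
# Succeeds if the last active session.cookie_httponly assignment in FILE
# holds a value PHP treats as true (1, On, True, Yes).
# Assumption: only this one file is checked, not extra scanned .ini files.
httponly_ini_enabled() {
    awk '
        /^[ \t]*;/ { next }                       # ignore commented-out lines
        /^[ \t]*session\.cookie_httponly[ \t]*=/ {
            v = $0
            sub(/^[^=]*=/, "", v)                 # keep what follows "="
            sub(/;.*$/, "", v)                    # drop a trailing comment
            gsub(/[ \t"]/, "", v)                 # drop blanks and quotes
            last = tolower(v)                     # later lines override earlier
        }
        END { exit !(last == "1" || last == "on" || last == "true" || last == "yes") }
    ' "$1"
}

# cookies_missing_httponly: reads HTTP response headers on stdin and prints
# the name of each cookie that was set without the HttpOnly attribute.
cookies_missing_httponly() {
    tr -d '\r' | awk '
        tolower($0) ~ /^set-cookie:/ {
            line = $0
            sub(/^[^:]*:[ \t]*/, "", line)        # strip the header name
            name = line
            sub(/=.*/, "", name)                  # cookie name precedes "="
            if (tolower(line) !~ /;[ \t]*httponly[ \t]*(;|$)/) print name
        }'
}

# Constructed sample response: the session cookie is flagged, "theme" is not.
cookies_missing_httponly <<'EOF'
HTTP/1.1 200 OK
Set-Cookie: PHPSESSID=constructed123; path=/; HttpOnly
Set-Cookie: theme=dark; path=/
EOF
```

The `session.cookie_httponly` setting only covers the PHP session cookie, so any other cookie the header check reports is set elsewhere in the application and has to be flagged there.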

Reviewed by Carlos Castro on July 14, 2015
