JustaPenguin / assetto-server-manager

A web interface to manage an Assetto Corsa Server.
https://github.com/JustaPenguin/assetto-server-manager/releases
MIT License
276 stars 70 forks

Secure website interface (cookies) #1129

Open trnxtrnx opened 1 year ago

trnxtrnx commented 1 year ago

Hello. I use Assetto Server Manager on my server. I tried to run a scan of my server with ESET Vulnerability Assessment and it found some medium severity vulnerabilities. The first was "Missing 'HttpOnly' Cookie Attribute (HTTP)" and the second "Missing 'Secure' Cookie Attribute (HTTP)".

Is it possible to secure it? These warnings are reported only for this web app. Other websites, which run on Apache, do not have the problem. Below I have added part of the report (screenshots) from the scan.

[Screenshots from the scan report: "httponly", "secure"]

trnxtrnx commented 1 year ago

Here is a link to an article on OWASP with examples for different languages, including Go. https://owasp.org/www-community/controls/SecureCookieAttribute
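The OWASP page linked above shows the Go form of the fix. The block below is an added example, not code from assetto-server-manager or from the commenter: it sets a session cookie with the HttpOnly, Secure and SameSite attributes using only the standard library, and includes a small checker that reads the raw Set-Cookie headers the way a scanner such as the one in the report does, so the result can be verified before and after the change. The cookie name "session" and the use of X-Forwarded-Proto for a reverse proxy are assumptions for illustration; the project's real cookie names and deployment are not shown in the issue.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Hypothetical cookie name, assumed for illustration; the project's own
// cookie names are not visible in this issue.
const sessionCookieName = "session"

// isTLS reports whether the request arrived over HTTPS, either directly or
// (assumption: a reverse proxy that is trusted to set it) via
// X-Forwarded-Proto. Never trust this header from clients that can reach
// the app without going through the proxy.
func isTLS(r *http.Request) bool {
	if r.TLS != nil {
		return true
	}
	return strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https")
}

// setSessionCookieUnsafe is the "before" shape the scanner complains about:
// a cookie with no HttpOnly, Secure or SameSite attribute.
func setSessionCookieUnsafe(w http.ResponseWriter, value string) {
	http.SetCookie(w, &http.Cookie{Name: sessionCookieName, Value: value, Path: "/"})
}

// setSessionCookie is the hardened form. Secure is set only when the
// request was actually served over TLS: browsers refuse to send a Secure
// cookie over plain http://, so setting it unconditionally on an HTTP-only
// deployment would silently break login.
func setSessionCookie(w http.ResponseWriter, r *http.Request, value string) {
	http.SetCookie(w, &http.Cookie{
		Name:     sessionCookieName,
		Value:    value,
		Path:     "/",
		HttpOnly: true,                 // not readable from JavaScript (document.cookie)
		Secure:   isTLS(r),             // only transmitted over HTTPS
		SameSite: http.SameSiteLaxMode, // not sent on cross-site POSTs
		MaxAge:   3600,
	})
}

// missingCookieAttrs inspects the raw Set-Cookie headers of a response and,
// for each cookie name, lists which of the expected attributes are absent.
// It parses the wire form on purpose, so it reports exactly what a client
// or scanner would see.
func missingCookieAttrs(h http.Header) map[string][]string {
	out := map[string][]string{}
	for _, sc := range h.Values("Set-Cookie") {
		parts := strings.Split(sc, ";")
		name := strings.TrimSpace(strings.SplitN(parts[0], "=", 2)[0])
		have := map[string]bool{}
		for _, p := range parts[1:] {
			attr := strings.ToLower(strings.TrimSpace(strings.SplitN(p, "=", 2)[0]))
			have[attr] = true
		}
		var missing []string
		for _, want := range []string{"httponly", "secure", "samesite"} {
			if !have[want] {
				missing = append(missing, want)
			}
		}
		out[name] = missing
	}
	return out
}

func main() {
	// Constructed requests: one over HTTPS, one over plain HTTP.
	for _, target := range []string{"https://example.test/login", "http://example.test/login"} {
		r := httptest.NewRequest("GET", target, nil)

		w := httptest.NewRecorder()
		setSessionCookieUnsafe(w, "opaque-session-id")
		fmt.Printf("unsafe   %-28s missing: %v\n", target, missingCookieAttrs(w.Result().Header))

		w = httptest.NewRecorder()
		setSessionCookie(w, r, "opaque-session-id")
		fmt.Printf("hardened %-28s missing: %v\n", target, missingCookieAttrs(w.Result().Header))
	}
}
```

The checker is also a cheap way to confirm a deployment without rescanning: run `curl -sI https://host/` and look at the Set-Cookie lines, or point the function at a real response. When the manager sits behind a TLS-terminating reverse proxy, Secure must still be set on the cookie the Go process emits, which is why the example keys it off the forwarded protocol rather than the local listener.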