- From: Hao Li <web-platform-tests-notifications@w3.org>
- Date: Sat, 28 Jun 2014 09:54:22 GMT
- To: public-web-platform-tests-notifications@w3.org
- A cookie without the HttpOnly flag means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible. View on GitHub: https://github.com/w3c/web-platform-tests/pull/1082
Received on Saturday, 28 June 2014 09:54:29 UTC