What is the significance of using HttpOnly cookies in the context of XSS prevention?

  • They are encrypted during transmission
  • They can only be accessed via HTTP
  • They cannot be accessed by JavaScript
  • They have a longer expiration time
HttpOnly cookies cannot be accessed by JavaScript, making them more secure against XSS attacks as malicious scripts won't have access to sensitive cookie information.
Add your answer
Loading...

Leave a comment

Your email address will not be published. Required fields are marked *