What is the significance of using HttpOnly cookies in the context of XSS prevention?
- They are encrypted during transmission
- They can only be accessed via HTTP
- They cannot be accessed by JavaScript
- They have a longer expiration time
HttpOnly cookies cannot be accessed by JavaScript, which makes them more secure against XSS attacks: a malicious script cannot read the sensitive information stored in the cookie.