In a scenario where a user's session cookies are stolen via XSS, what security measures could have prevented this?
- Cross-Site Request Forgery (CSRF) Token
- Data Encryption
- HttpOnly Cookies
- Multi-Factor Authentication (MFA)
HttpOnly cookies cannot be accessed by JavaScript, so using them is a security measure that could have prevented the theft of session cookies via XSS. Restricting script access to the cookie mitigates the impact of XSS attacks on session data.