ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Disable client-side scripts from reading cookies

book

Article ID: 236858

calendar_today

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

Cookies exchanged between the web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data.

Environment

Dx NetOps Performance Management 21.2.x

Resolution

On 21.2.x we do httpOnly for client side cookies.  We also use "secure" tag on cookies if https is enabled.  DevTools needs to be utilized to confirm behavior

Attachments