Missing HTTPOnly Attribute in Cookie
search cancel

Missing HTTPOnly Attribute in Cookie

book

Article ID: 247090

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

Some cookies are set without the "HttpOnly" attribute included. How to enable HTTPOnly in Clarity?

Environment

Release : Any

Resolution

We have the option to set HTTP Only up in Clarity properties. Please do the following on a lower environment first:

1. Connect to CSA - Server - Application

2. Scroll down to the app instance settings and enable "Use HTTPOnly Session Cookie"

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=c2Pgw5X72R/xnokqG1XiKQ==

3. Repeat for app2 if you have one, on the same page, Save

4. Now switch the server in the Server drop down and change the setting for other servers in cluster, Save 

5. Restart all services