Cookies Not Marked as Secure / Cookies with missing, inconsistent or contradictory properties

Question

EileenL17386615

Member since 2025

1 post

HKEX

Posted: 3 days 15 hours ago

Last activity: 3 days 15 hours ago

Posted: 18 Mar 2025 3:29 EDT
Last activity: 18 Mar 2025 3:29 EDT

Cookies Not Marked as Secure / Cookies with missing, inconsistent or contradictory properties

Report

I have scanned the system for security vulnerabilities and found the following vulnerabilities that need to be addressed.

Cookies Not Marked as Secure.
Cookies with missing, inconsistent or contradictory properties.

I confirmed my system configuration as follows.

\PegaXXX\Tomcat9\conf\web.xml

    -<session-config>
        <session-timeout>30</session-timeout>
        -<cookie-config>
            <http-only>true</http-only>
            <secure>true</secure>
        </cookie-config>
    </session-config>

System Settings

\PegaXXX\Tomcat9\conf\context.xml


    <CookieProcessor sameSiteCookies="strict"/>

How do I fix these two security vulnerabilities?

***Edited by Moderator Rupashree S. to add Capability tags***

To see attachments, please log in.

Pega Platform '23

Pega Platform

Case Management

Workflow Automation

Security

Financial Services

Customer Service Developer

Reply
Like (0)
Share this page Facebook Twitter LinkedIn Email Copying... Copied!

Question

Cookies Not Marked as Secure / Cookies with missing, inconsistent or contradictory properties

Need help or want to help others?

Experience the benefits of Support Center when you log in.

Question

Cookies Not Marked as Secure / Cookies with missing, inconsistent or contradictory properties

Related content:

Need help or want to help others?

Experience the benefits of Support Center when you log in.

We'd prefer it if you saw us at our best.