Closed
Pega 7.4 - Should Pega-Perf Cookie Have Secure and HTTPOnly Attributes?
I recently discovered the Pega-Perf cookie and noticed that the Secure and HTTPOnly flags are not set for this cookie. Is this expected/correct for this cookie? Are there any security concerns for this cookie with those flags not being set? Is there a way to update these flags if there are security concerns? Any help or clarifications is appreciated. Thanks!
***Edited by Moderator: Pooja Gadige to add platform capability tag***
To see attachments, please log in.