Question
Capgemini
FR
Last activity: 16 Oct 2023 17:09 EDT
Pega 8.7.4 - Should Pega-Perf Cookie Have Secure and HTTPOnly Attributes ?
We recently discovered that the Pega-Perf do not have the HTTPOnly flags set ( Pega 8.7.4 ) .
Is this expected for this cookie?
Are there any security concerns for this cookie with those flags not being set?
Is there a way to update these flags if there are security concerns?
Any help or clarifications will be appreciated.
Thanks!