Skip to main content

Question

 Christophe LIMA (ChristopheL4736) Capgemini System Architect
Capgemini
FR
ChristopheL4736 Member since 2019 3 posts
Capgemini
Posted: Jun 7, 2023
Last activity: Oct 16, 2023
Posted: 7 Jun 2023 6:03 EDT
Last activity: 16 Oct 2023 17:09 EDT

Pega 8.7.4 - Should Pega-Perf Cookie Have Secure and HTTPOnly Attributes ?

We recently discovered that the Pega-Perf do not have the HTTPOnly flags set ( Pega 8.7.4 ) .

Is this expected for this cookie?

Are there any security concerns for this cookie with those flags not being set?

Is there a way to update these flags if there are security concerns?

Any help or clarifications will be appreciated.

Thanks!

***Edited by Moderator: Bhavana S to add capability tags, Product tag and Product version***
Pega Platform 8.7.4 Security Low-Code App Development Senior System Architect
  • Reply

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice