scanner icon indicating copy to clipboard operation
scanner copied to clipboard
Published 1 month ago verified publisher icon caido-community

cookie-secure and cookie-httponly are raising false positives

Open Corb3nik opened this issue 3 months ago • 0 comments

The following Set-Cookie header is raising findings for the cookie-secure and cookie-httponly checks, when both flags are there.

Set-Cookie: SNID=[redacted]_[redacted]-V5Aj-EDUJxQXg; expires=Tue, 07-Apr-2026 21:03:10 GMT; path=/verify; domain=.google.com; Secure; HttpOnly; SameSite=lax

Corb3nik avatar Oct 06 '25 21:10 Corb3nik