Great! HTTPOnly and Secure cookie flag were found in the HTTP response headers as highlight below.
HTTPOnly cookie found as highlighted below. You may also consider implementing a Secure flag.
Secure cookie found as highlight below. You may also consider implementing HTTPOnly flag.
Couldn’t find the HTTPOnly or Secure cookie flag in the response headers.
About Secure Cookie Test
Your website sends cookies to the browser. Good! But are they secure?
A simple implementation like injecting HTTPOnly and Secure in Set-Cookie header can prevent web vulnerabilities such as cross-site scripting (XSS).
Geekflare Secure Cookie Test checks the HTTP response headers for Set-Cookie.
If you need help with the implementation, then check out the following guide.
More tools for your Website
Check if your site or IP can respond to ping globallyTest Now
Traceroute your IP or site to find network related issueTest Now
TLS 1.3 Test
Test supported TLS version on the siteTest Now
Check the supported protocol, server preferences, certificate details, common vulnerabilities and moreTest Now
Check if DNS Security Extensions is enabled on your domainTest Now
TCP Port Scanner
Quickly find out what ports are open on public Internet-facing IP or websiteTest Now