Cookies should be protected. This tool analyzes the cookies set by your website to ensure they have the 'Secure' (HTTPS only) and 'HttpOnly' (No JavaScript access) flags enabled.
Ready to scan...
It prevents JavaScript from reading the cookie, stopping XSS attacks from stealing user sessions.