SAP Knowledge Base Article - Preview

2161064 - Cookie Security: HTTPOnly not Set in SMP 2.3 - SMP 3.0

Symptom

We have performed an HP Fortify security scan of our ODP apps, and the scan raised the issue for cookies not having the HTTPOnly property set. 

  1. Can the HTTPOnly property be set for SMP cookies?
  2. Should this property be set to increase security?



Environment

  • Windows 2008R2
  • SAP Mobile Platform (SMP) 2.3.x, 3.0.x
  • Online Data Proxy (ODP) application

Product

SAP Mobile Platform 2.3 ; SAP Mobile Platform 3.0

Keywords

KBA, cross-site-scripting, xss, x-sup-sessid, kapsel, saml, cookie, javascript, maf, registration, MOB-SDK, SAP Mobile SDK, Problem
