SAP Knowledge Base Article - Preview

3648094 - HttpOnly and Secure flag missing for JSESSIONID, saplb and JSESSIONMARKID cookies

Symptom

Some cookies set by the NetWeaver Application Server do not have the 'Secure' and/or 'HttpOnly' attributes. These cookies have been flagged, for example, during a vulnerability scan.
Ensuring that these cookies are set with the 'Secure' and 'HttpOnly' attributes is desirable.



Environment

SAP NetWeaver Application Server Java

Product

SAP NetWeaver Application Server for Java all versions

Keywords

HttpOnly, Secure flag, missing, JSESSIONID, saplb, JSESSIONMARKID, SystemCookiesHTTPSProtection, SystemCookiesDataProtection, KBA, BC-JAS-WEB, Web Container, HTTP, JavaMail, Servlets, Problem
