What does the Secure flag on a cookie do?

Prepare for the eLearnSecurity Junior Penetration Tester exam with our comprehensive quiz platform. Improve your skills with multiple-choice questions, detailed explanations, and exam tips. Get exam ready with ease!

Multiple Choice

What does the Secure flag on a cookie do?

Explanation:
The Secure flag restricts when a cookie is sent by the browser. When this flag is set, the cookie will only be included in requests that are transmitted over a secure connection (HTTPS). This helps protect the cookie from being exposed if someone is eavesdropping on an insecure network, since the value isn’t sent over plain HTTP. It’s important to note that Secure does not encrypt the cookie contents itself; encryption is provided by using TLS/HTTPS for the connection. It also doesn’t control whether a cookie can be accessed by client-side scripts (that’s the role of HttpOnly) or which domains or paths receive the cookie (that’s controlled by Domain and Path attributes).

