We have a request to change some code on our site to get PCI compliant. The request is as follows.
The application does not utilise HTTP-only cookies. This is a new security feature introduced by Microsoft in IE 6 SP1 to mitigate the possibility of successful Cross-site Scripting attacks by not allowing cookies with the "HttpOnly" flag to be accessed via client-side scripts.
Can anyone briefly confirm what the issue is here an what we need to do? Is there a line of code we need to change or insert. Any comment much appreciated.
WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite. Learn more about what this means for you and how you can improve your security with WatchGuard today!