An engineer is developing an application that must store the session information for a web app on the browser and the JavaScript code must be prevented from accessing the session cookie. What must be implemented to meet the requirements?
The answer is A. Enable the HttpOnly flag.
The HttpOnly flag is a security feature that prevents JavaScript code from accessing the session cookie. This is done by preventing the browser from exposing the session cookie in the Document Object Model (DOM).
I'm more into A:
With HttpOnly flag enabled JavaScript won't be able to read auth cookies.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.350-901 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
johntermlen
9 months, 4 weeks agoThePokemonNuzlockingMaster
10 months, 3 weeks agoFedesarucho
1 year, 1 month agoFedesarucho
1 year, 1 month agomkOwl
1 year, 1 month ago