killchain-compendium/Cookie Tampering.md at abdd320037d785985b19aa064e6ec30f745201ee - killchain-compendium - Gitea: Git with a cup of tea

401 B

Raw Blame History

Components

Separator is ;
Name
Value
Domain
Path
Expires/Maxage
Size
HttpOnly, no access by client side scripts
Secure, HTTPs only
SameSite, cookie sent through cross-site request
SameParty, firt party requests only
Priority

Response

May look like this

Set-Cookie: <cookie-name>=<cookie-value>; Domain=<domain-value>; Secure; HttpOnly