Cookies Collected

info Web Application Scanning Plugin ID 98061

Synopsis

Cookies Collected

Description

The scanner collected the cookies returned by the application during the scan. The list includes the following information for each cookie:
- Name: name of the cookie
- Value: value of the cookie
- Domain: hosts to which the cookie will be sent
- Path: URL path which must exist in the requested resource before sending the cookie
- Expires: maximum lifetime of the cookie as an HTTP-date timestamp
- Max-Age: number of seconds until the cookie expires
- HttpOnly: cookie is set to be not accessible via JavaScript, XMLHttpRequest and Request APIs
- Secure: cookie will be sent to the server only when a request is made using HTTPS
- SameSite: cookie will be sent along with cross-site request according the defined policy
- URL: first URL discovered which set the cookie in its response
- Set-Method: method used by the application to set the cookie (Set-Cookie or JavaScript)
- Audited: cookie will be audited by plugins during the scan
- Reason Not Audited: reason given for the cookie not being audited during the scan

See Also

https://en.wikipedia.org/wiki/HTTP_cookie

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

https://tools.ietf.org/html/rfc6265

Plugin Details

Severity: Info

ID: 98061

Type: remote

Published: 9/1/2020

Updated: 11/23/2021

Scan Template: api, scan, pci, overview