3.4.4 Cookie-based session tokens provide session cookie confidentiality¶
Verify that cookie-based session tokens use “__Host-” prefix (see references) to provide session cookie confidentiality.
| Level 1 | X |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 16 | 7.1.1 |
Verify that cookie-based session tokens use “__Host-” prefix (see references) to provide session cookie confidentiality.
| Level 1 | X |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 16 | 7.1.1 |