getting the following error when running vulnerability scan: missing the "httpOnly" attribute.. The flaw is due to a cookie is not using the 'httpOnly' attribute. Thisallows a cookie to be accessed by JavaScript which could lead to session hijacking...