It allows the cookies if successfully stolen via an XSS attack to be possibly viewed. Cisco should support the Http Only flag, but they have not put a fix in for this and don't appear to have any plans to do so.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
