Hi, sometimes it could be useful when scanning a larger network range containing many webpages to check for a missing HttpOnly cookie flag to be able to report this.
The secpod_ssl_cookie_secure_flag_info_disc_vuln.nasl is already doing this for the missing secure flag. A NVT checking for the HttpOnly flag could be a near complete copy of the plugin above. Is / was a plugin like this already planned? Thanks in advance Chris _______________________________________________ Openvas-plugins mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-plugins
