Validates cookie security attributes and configuration
This checker analyzes Set-Cookie headers for security best practices, including the Secure, HttpOnly, and SameSite attributes. It retrieves all Set-Cookie headers from the HTTP response, analyzes each cookie for security attributes, validates the Secure, HttpOnly, and SameSite configuration, and checks for proper domain and path settings.
| Status | Condition | Test Logic |
|---|---|---|
| SUCCESS | All cookies secure | All cookies have recommended security attributes |
| WARNING | Cookies with recommendations | Cookies present with non-critical security recommendations |
| FAIL | Cookie security issues | Cookies have severe security issues (missing HttpOnly, etc.) |
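
The following is an added example, not the checker's own code: a minimal Python sketch of the flow described above, mapping each Set-Cookie header to the statuses in the table. The severity split (missing Secure or HttpOnly as FAIL, SameSite and Domain findings as WARNING), the `__Host-` prefix check, and all function names are assumptions made for illustration.

```python
# Added example: severity mapping below is an assumption, not the product's rules.
ORDER = {"SUCCESS": 0, "WARNING": 1, "FAIL": 2}

def parse_set_cookie(header):
    """Return (cookie name, {lowercased attribute: value}) for one Set-Cookie value."""
    first, *rest = [p.strip() for p in header.split(";")]
    attrs = {}
    for part in rest:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return first.partition("=")[0].strip(), attrs

def audit_cookie(header):
    """Return (status, findings) for one Set-Cookie header value."""
    name, attrs = parse_set_cookie(header)
    severe, minor = [], []
    if "secure" not in attrs:
        severe.append("missing Secure")
    if "httponly" not in attrs:
        severe.append("missing HttpOnly")
    samesite = attrs.get("samesite", "").lower()
    if samesite not in ("strict", "lax", "none"):
        minor.append("SameSite missing or unrecognized")
    elif samesite == "none" and "secure" not in attrs:
        severe.append("SameSite=None requires Secure")
    if "domain" in attrs:
        minor.append("Domain set: cookie is also sent to subdomains")
    if name.startswith("__Host-") and ("domain" in attrs or attrs.get("path") != "/"):
        severe.append("__Host- prefix requires Path=/ and no Domain")
    status = "FAIL" if severe else "WARNING" if minor else "SUCCESS"
    return status, [f"{name}: {msg}" for msg in severe + minor]

def audit_response(set_cookie_headers):
    """Overall status is the worst status of any cookie in the response."""
    results = [audit_cookie(h) for h in set_cookie_headers]
    overall = max((s for s, _ in results), key=ORDER.get, default="SUCCESS")
    return overall, [f for _, findings in results for f in findings]

# Constructed sample headers, one list entry per Set-Cookie header.
SAMPLE = [
    "__Host-sid=abc123; Path=/; Secure; HttpOnly; SameSite=Strict",
    "prefs=dark; Domain=example.com; Path=/; Secure; HttpOnly; SameSite=Lax",
    "legacy=1; Path=/app; Expires=Wed, 21 Oct 2026 07:28:00 GMT",
]

if __name__ == "__main__":
    for header in SAMPLE:
        print(audit_cookie(header))
    print(audit_response(SAMPLE))
```

Headers are passed as a list, one entry per Set-Cookie header, because an Expires date contains a comma and comma-joined header values cannot be split reliably.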
- Security Vulnerabilities: Insecure cookies can be stolen through XSS attacks or man-in-the-middle attacks.
- Data Breaches: Compromised cookies can lead to unauthorized access and data theft.
- Compliance Violations: Many security standards require secure cookie configuration.
Add this checker to your monitoring setup and start identifying issues on your websites today.