Missing secure options for cookie detected.
- Rule ID: java_lang_insecure_cookie
- Languages: java
- Source: insecure_cookie.yml
To make sure cookies don't open your application up to exploits or unauthorized access, make sure to set security options appropriately.
true to force cookies to only be sent over HTTPS
OWASP Top 10
To skip this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --skip-rule=java_lang_insecure_cookie
To run only this rule during a scan, use the following flag
bearer scan /path/to/your-project/ --only-rule=java_lang_insecure_cookie
Ready to take the next step? Learn more about Bearer Cloud.