Most websites have google analytics and/or facebook scripts in their website.
These scripts creates cookies that we don’t own and cannot update.
In the vulnerability report, these cookies caused level 2 issues:
( _fbp ) facebook cookies
( _gcl_au ) Google AdSense/Analytics cookies
Those cookies causes these 2 issues:
- 150123 Cookie Does Not Contain The "HTTPOnly" Attribute
- 150122 Cookie Does Not Contain The "secure" Attribute
Does anyone have a solution to apply these attributes?