ASVS Requirement 3.3.1

• Level: 1
• Chapter: V3 Web Frontend Security
• Section: V3.3 Cookie Setup
• Source: 0x12-V3-Web-Frontend-Security.md

Description

Verify that cookies have the 'Secure' attribute set, and if the '__Host-' prefix is not used for the cookie name, the '__Secure-' prefix must be used for the cookie name.