ASVS Requirement 3.3.5

• Level: 3
• Chapter: V3 Web Frontend Security
• Section: V3.3 Cookie Setup
• Source: 0x12-V3-Web-Frontend-Security.md

Description

Verify that when the application writes a cookie, the cookie name and value length combined are not over 4096 bytes. Overly large cookies will not be stored by the browser and therefore not sent with requests, preventing the user from using application functionality which relies on that cookie.