No insecure cookies

Make sure to allow only allow access to your application cookies through HTTPS.

Gabriele Gallo Stampino avatar
Written by Gabriele Gallo Stampino
Updated over a week ago


The isSecure attribute controls whether a cookie can only be accessed through HTTPS or not. By setting this attribute to false, sensitive cookies may be exposed if sent over an insecure connection.


  • Apex classes

Did this answer your question?