Skip to main content
No insecure cookies

Make sure to allow only allow access to your application cookies through HTTPS.

Gabriele Gallo Stampino avatar
Written by Gabriele Gallo Stampino
Updated over a week ago

Rationale

The isSecure attribute controls whether a cookie can only be accessed through HTTPS or not. By setting this attribute to false, sensitive cookies may be exposed if sent over an insecure connection.

Scope

  • Apex classes

Did this answer your question?