No insecure cookies
Make sure to allow only allow access to your application cookies through HTTPS.
Gabriele Gallo Stampino avatar
Written by Gabriele Gallo Stampino
Updated over a week ago

Rationale

The isSecure attribute controls whether a cookie can only be accessed through HTTPS or not. By setting this attribute to false, sensitive cookies may be exposed if sent over an insecure connection.

Scope

  • Apex classes

Did this answer your question?