This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests. To view the new OWASP Foundation website, please visit https://owasp.org Overview The goal of this section is to introduce, discuss, and provide language specific mitigation techniques for HttpOnly. Who developed HttpOnly? When? According to a daily blog article by Jordan Wiens, “No cookie for you!”, HttpO