Complete the code to set a secure session cookie.
Set-Cookie: sessionId=abc123; [1]
The HttpOnly attribute helps prevent client-side scripts from accessing the session cookie, enhancing security.
Complete the code to ensure the session cookie is only sent over HTTPS.
Set-Cookie: sessionId=abc123; [1]
The Secure attribute ensures the cookie is only sent over secure HTTPS connections, protecting it from being intercepted.
Fix the error in the session cookie attribute to prevent cross-site request forgery.
Set-Cookie: sessionId=abc123; HttpOnly; [1]
The SameSite=Strict attribute prevents the browser from sending the cookie along with cross-site requests, reducing CSRF risks.
Fill both blanks to create a secure session cookie that expires after one hour and is restricted to the root path.
Set-Cookie: sessionId=abc123; [1]; [2]
Max-Age=3600 sets the cookie to expire after one hour. Path=/ restricts the cookie to the root path of the website.
Fill all three blanks to define a secure session cookie that is HttpOnly, Secure, and uses strict same-site policy.
Set-Cookie: sessionId=abc123; [1]; [2]; [3]
Setting HttpOnly prevents JavaScript access, Secure ensures transmission over HTTPS only, and SameSite=Strict protects against CSRF attacks.