A web application configures client cookies with the HTTPOnly flag. What is the effect of this flag?
- It informs the web client that the cookie is a persistent cookie.
- It forces the web browser to have the cookies processed only by the server.
- It requires the web browser to establish a secure HTTPS link to the server.
- It indicates to the web browser that web client-based code can access the cookie.
| Explanation & Hint:
Configuring a cookie with the HTTPOnly flag forces the web browser to have this cookie processed only by the server, and any attempt to access the cookie from client-based code or scripts is strictly forbidden. |