Add HttpOnly Cookie Option to Advance Tracking

JavaScript must be installed and enabled to use these boards. Your browser appears to have JavaScript disabled or does not support JavaScript. Please refer to your browser's help file to determine how to enable JavaScript.

HubSpot Ideas

Search HubSpot Ideas or Create Idea

Status:

Currently, under Advance Tracking we have "Use secure cookies only" option but there is no "HttpOnly" option.

Cookies without the "HTTPOnly" attribute are permitted to be accessed via JavaScript. Cross-site scripting attacks can steal cookies which could lead to user
impersonation or compromise of the application account.

It will be great if we have this option.

Screen Shot 2022-01-10 at 11.24.54 AM.png

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Reply to Idea