Cookies used by My ASP.NET application did not have the HTTPOnly flag set.
HiCookies used by My ASP.NET application did not have the HTTPOnly flag set.
This could allow a client-side script to access the cookie and reveal it to the attacker.
How Can I Prevent that?