Tealium iQ Tag Management

homerocavazos · ‎09-15-2017

Hailstorm scan complains that 'utag_main' does not have HTTPOnly attribute. Is there a way to fix this vulnerability?

craig_rouse · ‎09-18-2017

Hi @homerocavazos. This warning can be safely ignored. The HTTPOnly flag is only used for cookies set on the server-side, and it is not possible to set this flag when creating a cookie using JavaScript.

Since Tealium iQ is a client-side technology, we are setting the utag_main cookie using JavaScript. Therefore, it is not possible to set the HTTPOnly flag.

Check out our new Swift integration library for iOS, macOS, tvOS and watchOS: https://github.com/Tealium/tealium-swift with updated
documentation https://community.tealiumiq.com/t5/Swift/tkb-p/swift.

homerocavazos · ‎09-18-2017

This confirms what I believed to be the case.

Thanks.

Tealium iQ Tag Management

utag_main Cookie does not have HTTPOnly attribute.

utag_main Cookie does not have HTTPOnly attribute.

utag_main Cookie does not have HTTPOnly attribute.

Re: utag_main Cookie does not have HTTPOnly attribute.

utag_main Cookie does not have HTTPOnly attribute.

Re: utag_main Cookie does not have HTTPOnly attribute.

Need to create attribute

Re: Keying off multiple attributes to populate one.

Is there any way to add the custom cookie to cookie prefer...

Is it possible show consent again when have some new cooki...

Implementing Cookie Information (cookie consent)

Audience creation: as fast as possible or not depending on...

Products

Company