Tealium iQ Tag Management

homerocavazos · ‎09-15-2017

Hailstorm scan complains that 'utag_main' does not have HTTPOnly attribute. Is there a way to fix this vulnerability?

craig_rouse · ‎09-18-2017

Hi @homerocavazos. This warning can be safely ignored. The HTTPOnly flag is only used for cookies set on the server-side, and it is not possible to set this flag when creating a cookie using JavaScript.

Since Tealium iQ is a client-side technology, we are setting the utag_main cookie using JavaScript. Therefore, it is not possible to set the HTTPOnly flag.

Check out our new Swift integration library for iOS, macOS, tvOS and watchOS: https://github.com/Tealium/tealium-swift with updated
documentation https://community.tealiumiq.com/t5/Swift/tkb-p/swift.

homerocavazos · ‎09-18-2017

This confirms what I believed to be the case.

Thanks.

Tealium iQ Tag Management

utag_main Cookie does not have HTTPOnly attribute.

utag_main Cookie does not have HTTPOnly attribute.

utag_main Cookie does not have HTTPOnly attribute.

Re: utag_main Cookie does not have HTTPOnly attribute.

utag_main Cookie does not have HTTPOnly attribute.

Re: utag_main Cookie does not have HTTPOnly attribute.

Universal AudienceStream attribute which identifies Deskto...

Setting visitor attributes between Tealium profiles?

UDO variable is not populating visitor attribute consisten...

can we import attributes from server-side-platform to IQ t...

Format inheritance for timestamp attributes

Attach attributes to the generic script tag

Products

Company