what is the difference between Set-Cookie and cookie

My site is using https to transport data,and I scan it by appscan ,it told me that Set-cookie not secure ,but cookie is secure. so what is the difference between Set-Cookie and cookie .

1 Answer

Your server controls the Set-Cookie header, so if a browser does not provide the Cookie header, the server can decide to send a Set-Cookie. Then your browser decides to accept the cookie by sending back a Cookie header for the server to use. For example, if you have cookies disabled on the browser, it will not send back the Cookie header to the server.

The "Set-Cookie" header is sent from the web server and the browser sends the cookie back to the server in an HTTP header called "Cookie"

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like