Third party cookies - does secure, httponly matter?

Information Security Asked by Pang Ser Lark on November 21, 2021

Was viewing this page on cookies and wondering for those under Third party cookies, such as TS*, TS01*, TSXXXXXXX_d, what does it mean by them being a "security" cookie? Does it mean there is no need to secure such cookies by configuring things like httponly/secure flags? thanks

One Answer

The TS* cookies belong to an F5 load balancer, which also acts as a security device (especially via it's Application Security Module (ASM)). The cookies and their various uses are described here.

I would interpret the web site describing these cookies as "Security" as meaning they're put in place and used by a security device, as opposed to the web site itself. They are, in fact, not marked secure by default, although it is possible to add that.

Answered by gowenfawr on November 21, 2021

Add your own answers!

Related Questions

Jenkins malicious process identification

2  Asked on October 28, 2021 by nemanja-martinovic


Does encrypted content in a database need to be signed?

1  Asked on October 28, 2021 by ian-warburton


WhatsApp account got “hacked”/hijacked?

1  Asked on October 28, 2021 by d-a-vorm


iCloud deletion

1  Asked on October 28, 2021 by mp115


Difference between Zeek (Bro) and Snort 3

2  Asked on October 28, 2021 by ustavsaat


Help Understanding PHP Reverse Shells

1  Asked on October 28, 2021 by pdawg


Refresh token using a separate auth server?

0  Asked on October 28, 2021


Is the perfect MITM attack possible?

1  Asked on October 28, 2021 by user238715


What attack vectors does arbitrary JS on a user profile allow?

2  Asked on October 28, 2021 by sellarafaeli


Processing Exceptionally High Volume Singular Flows

1  Asked on March 9, 2021 by reedghost


Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP