Set Outsystems Cookies HTTPPOnly

Set Outsystems Cookies HTTPPOnly


Hi everyone,

I'm working a client that runs security tests on Outsystems pages and one of the warnings is that pageLoadedFromBrowserCache cookie should be HTTPOnly. There is a way to configure this on Lifetime?



Hello Marcelo,

I believe that's an IIS configuration. [Additional link] [And another one]

If you have on-premises, you should be able to do it yourself. If not, I would advise contacting Support. Obviously, a better answer from more knowledgeable people may appear. :)