Clayton Advisor

Overview

The <isSecure> attribute controls whether a cookie can only be accessed through HTTPS or not. By setting this attribute to false, sensitive cookies may be exposed if sent over an insecure connection.

Business Impact

Increased risk of data breaches, financial loss, and reputational harm. Eroding customer trust and confidence.

Is your Salesforce solution affected by Insecure cookies?

Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.

Scan your solution

Resources

Cookie Class
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Incidence

How common is this issue?

lower

Exposure

How long do organizations remain exposed before fixing the problem?

92%

shorter

Frameworks

Trusted

Secure

Data Security

Use of Encryption

Found a mistake?

If you think something is incorrect, missing or misleading please let us know.

Report an error