Guest Posted January 13, 2013 Posted January 13, 2013 Hi Everyone, I am trying to get my site and cart PCI Compliant (secure credit card transactions) and am using McAfee Secure. I am not getting this message: "Sensitive Cookie Missing 'HTTPONLY' Attribute" which means there is a security risk and something I have to fix. Anyone heard of this, know how to fix? My CubeCart is hosted on Bluehost. Thanks. Patrice Quote
Dirty Butter Posted January 13, 2013 Posted January 13, 2013 Someone who might be able to help you resolve this will need to know about your setup. Please create your signature with as much pertinent info as possible. Quote
bsmither Posted January 13, 2013 Posted January 13, 2013 The latest versions of CubeCart 5 sends the word httponly in the cookie. Note that it is lower-case. I have no knowledge if letter-case makes a difference. Quote
Guest Posted January 13, 2013 Posted January 13, 2013 HI, I have version 5.1.3 and this version gets the error. The fix, according to McAfee is: "Set the "HTTPONLY" flag for cookies containing sensitive information, particularly session tokens." Have no idea how to do this. The latest versions of CubeCart 5 sends the word httponly in the cookie. Note that it is lower-case. I have no knowledge if letter-case makes a difference.Hi, What other info are you referring to? I have version 5.1.3. It rests on Bluehost's servers. Thanks. Someone who might be able to help you resolve this will need to know about your setup. Please create your signature with as much pertinent info as possible. Quote
Dirty Butter Posted January 13, 2013 Posted January 13, 2013 You can find your server information on Admin/Dashboard/Store Overview. Knowing the CC version may be enough information to solve this, but I'm not knowledgeable enough to know if it is or not. And you may have issues in the future that could be resolved faster by not having to ask about your version of PHP and Server Software. Also it helps at times to know if this is a clean install or an upgrade and if so, from what. Having the link to your store can be helpful, too. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.