"_pk_testcookie.1.b4ee=1; _pk_id.1.b4ee=..." is set by matomo, which leads to a security warning
"Security: Cookie Does Not Contain The "HTTPOnly" Attribute" on the security scanner qualysguard.
Can you add the HTTPOnly Attribute?
How to reproduce: Run a security test on any site with installed matomo (for eg. with qualysguard from qualys). Check results.
Expected behaviour: No warnings from the security scanner.
Hi @Findus23 ,
From the above comment made by you on June 24,2020
I understand that we cant set the cookies as HTTPOnly so it still remains as security issue , so can we disable these cookies and will it have any impact on the Matomo tracking functionality?
This issue has been mentioned on Matomo forums. There might be relevant details there: