Title: HttlOnly Flag for cookie
Last modified: August 31, 2016

---

# HttlOnly Flag for cookie

 *  [ananthakumar](https://wordpress.org/support/users/ananthakumar/)
 * (@ananthakumar)
 * [10 years, 4 months ago](https://wordpress.org/support/topic/httlonly-flag-for-cookie/)
 * Session Cookie without HttpOnly flag set
    Severity Low Type Informational Reported
   by module Crawler Impact Description This cookie does not have the HTTPOnly flag
   set. When a cookie is set with the HTTPOnly flag, it instructs the browser that
   the cookie can only be accessed by the server and not by client-side scripts.
   This is an important security protection for session cookies. None Recommendation
   If possible, you should set the HTTPOnly flag for this cookie. Affected items
   Details / Cookie name: “liked-)” Cookie domain: “xxx”
 * [https://wordpress.org/plugins/wp-like-button/](https://wordpress.org/plugins/wp-like-button/)

The topic ‘HttlOnly Flag for cookie’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/wp-like-button_d09e60.svg)
 * [WP Like Button](https://wordpress.org/plugins/wp-like-button/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-like-button/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-like-button/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-like-button/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-like-button/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-like-button/reviews/)

 * 0 replies
 * 1 participant
 * Last reply from: [ananthakumar](https://wordpress.org/support/users/ananthakumar/)
 * Last activity: [10 years, 4 months ago](https://wordpress.org/support/topic/httlonly-flag-for-cookie/)
 * Status: not resolved