What are HTTP only Cookies?
Last Updated: April 23, 2020
An HTTP only cookie is a typical browser cookie with the purpose of storing information in a specific way. The HTTPOnly is a tag that is added to a typical cookie that tells the browser to not display the cookie through a client-side script. It provides a gate that prevents the specialized cookie from being accessed by anything other than by the server. It's an additional risk mitigation flag that helps prevent any risk in protected cookies, thus making them more secure.