View Single Post
  #2  
Old 05-31-2012, 09:59 AM
rshaynes rshaynes is offline
Whiz
.
 
Join Date: Mar 2010
Location: Eastern Time Zone, United States
Posts: 27
rshaynes has 12 reputation points
Default

The VPN Gateway SSL acceleration mode currently does not support adding the httponly flag on client-side connections and will remove (strip) any httponly flag sent by a server towards the client.

We are aware that this lack of support has implications for cross-site scripting exploitation (depending on the content being access via the secure connection) and PCI compliancy and are considering introducing this feature/function in a future release.
Reply With Quote