Hi all, I am using SonarQube 6.7.7 and I have a question for rule squid:S3330 “HttpOnly” should be set on cookies. On our application the HttpOnly attribute is set on web.xml instead on Java file. Could the rule also be applied to the web.xml file? I am using “[sonarPath]\sonar-scanner-cli-3.3.0.…

"HttpOnly" should be set on cookies rules for xml

fanny_tan (Fanny Tan) July 18, 2019, 2:37am 3

@saberduck
I want to check web.xml and raise issue on it when the setting is missing. Is it possible?

Topic		Replies	Views
Cookie without HttpOnly flag set sonarqube SonarQube Server / Community Build	3	905	July 26, 2022
Cookie HttpOnly being reported incorrectly Report False-positive / False-negative... java	2	604	October 1, 2019
Enable HTTP only and Secure flag on Sonar SonarQube Server / Community Build sonarqube	1	43	November 12, 2024
Rules are not applied in sonarqube analysis SonarQube Server / Community Build java , sonarqube , sonarqube-ide	8	3664	August 5, 2024
Sonarqube NOSONAR comment not working on xml web.config file SonarQube Server / Community Build sonarqube , nosonar	3	29	December 27, 2024