Session Cookies are being set twice.

Session Cookies are being set twice.

by Ivan Marquez -
Number of replies: 2

We have performed a penetration testing on one of our moodle installations and the penetration testing flag an error on the session.

Aplication does not properly set security and privacy related flags for the following cookies:
  • MoodleSession (Some attributes are set twice)
Could anyone help me what fixes can I do?
Average of ratings: -
In reply to Ivan Marquez

Re: Session Cookies are being set twice.

by Tim Hunt -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
That is not a very clear report. When it says 'flags' does that mean ones like HttpOnly? I'm pretty sure Moodle does that. Anyway, we need more info to make sense of this.
Average of ratings: -