Instance Property

HTTPOnly

A Boolean value that indicates whether the cookie should only be sent to HTTP servers.

Declaration

@property(readonly, getter=isHTTPOnly) BOOL HTTPOnly;

Discussion

The value of this property is YES if the cookie should only be sent using HTTP headers, NO otherwise.

Cookies can be marked as HTTP-only by a server (or by JavaScript code). Cookies marked as such must only be sent via HTTP Headers in HTTP requests for URLs that match both the path and domain of the respective cookies.

See Also

Securing Cookies

secure

A Boolean value that indicates whether this cookie should only be sent over secure channels.