Support Article
HTTP Only DSS setting not working
SA-19758
Summary
Setting the Dynamic System Setting (DSS) 'prconfig/cookie/HttpOnly' to true does not set Pega cookies to HTTPOnly like it should
Error Messages
Not applicable
Steps to Reproduce
- Set Dynamic System Setting 'prconfig/cookie/HttpOnly' = true
- Restart Pega.
Root Cause
An issue in the custom application code or rules. The name of the DSS is incomplete
Resolution
Perform the following local-change: Use 'prconfig/cookie/HttpOnly/default' as the name of the DSS.
Published February 15, 2016 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.