IAC-NonGateway cookie is insecure and cannot be deleted
IAC-NonGateway cookie was used by the system. However, IAC was not used. Security requirements were not met. The secure and HTTPOnly flags were not set True.
Steps to Reproduce
A defect in Pegasystems’ code or rules:
The IAC-NonGateway cookie should not be used in this situation provided the URLObfuscation/Encryption setting is not used and IAC is not used.
0% found this useful