6.1.8 Transmission Integrity and Confidentiality

Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are cryptographic protocols that provide communication security over the Internet. These transport protocols use asymmetric cryptography to authenticate the key exchange, symmetric encryption for confidentiality, and message authentication codes for message integrity. It is recommended that application users use SSL.

The HttpOnly flag is included in a Set-Cookie HTTP response header. When the flag is set, the browser makes that cookie accessible only to the server. Any attempt to access the cookie from a client-side script is strictly forbidden.
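
As an added example (not part of the original document), the following Python check parses Set-Cookie header values and reports cookies that lack the HttpOnly flag. It also checks the Secure attribute, which goes beyond the text above but keeps the cookie on the SSL/TLS-protected channel this section recommends. The function names and header values are constructed for illustration.

```python
# Added example: audit Set-Cookie response headers for HttpOnly and Secure.
# SAMPLE_HEADERS is constructed sample data, not captured traffic.

REQUIRED_FLAGS = (("HttpOnly", "httponly"), ("Secure", "secure"))


def parse_set_cookie(header_value):
    """Split one Set-Cookie header value into (name, value, attributes).

    Pass each Set-Cookie header separately: they must not be comma-joined,
    because the Expires attribute itself contains a comma.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive (RFC 6265).
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookies(set_cookie_headers, sensitive_names=None):
    """Return [(cookie_name, [missing flags])] for cookies lacking a flag.

    If sensitive_names is given, only those cookies are checked.
    """
    findings = []
    for header in set_cookie_headers:
        name, _value, attrs = parse_set_cookie(header)
        if sensitive_names is not None and name not in sensitive_names:
            continue
        missing = [flag for flag, key in REQUIRED_FLAGS if key not in attrs]
        if missing:
            findings.append((name, missing))
    return findings


SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/; Secure; HttpOnly",
    "SESSIONID2=def456; Path=/; secure; httponly",  # case variants still count
    "theme=httponly; Path=/",  # flag name appears in the value, not as attribute
    "token=xyz; Path=/; HttpOnly",  # HttpOnly present, Secure missing
    "pref=1; Path=/; Secure",  # Secure present, HttpOnly missing
]

if __name__ == "__main__":
    for cookie, missing in audit_cookies(SAMPLE_HEADERS):
        print(f"{cookie}: missing {', '.join(missing)}")
```

Parsing the attributes rather than searching the header for the substring "httponly" avoids counting a cookie whose value merely contains that word.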