我有运行PHP和WordPress的Nginx. Acunetix建议设置这些标志,但它们不提供任何文档.我看了一下,但我还没有看到任何显示如何实现这一点的东西.我有这个模块:在Nginx上http://wiki.nginx.org/HttpHeadersMoreModule,如果这会有所帮助.有关如何设置这些标志的任何信息?谢谢.
按此处要求的cookie样本
Cookie: __cfduid=d3-shortened-08; cf_use_ob=0; wordpress_logged_in_6dfda-shortened-e3e82d5; __utma=21-shortened-436.19; __utmc=21519150; __utmz=2119150.1396063475.3.2.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); testing=1; sid=a14-shortened-384; sessiontest=1; wp-settings-2=editor%3Dhtml%26wplink%3D0%26uploader%3D1%26mfold%3Do%26ed_size%3D677%26libraryContent%3Dbrowse%26urlbutton%3Dfile; wp-settings-time-2=139745167; wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_a9-shortened-d2a7=DrDinosaur%7C1397980-shortened-2f9
最佳答案
编辑您的php.ini并设置session.cookie_httponly和session.cookie_secure或在您的应用程序中使用setcookie.