Attribute | Description |
---|---|
Comment | Short description of the intended use of the cookie |
Domain | DNS domain or IP address for which the cookie is valid |
HttpOnly | If present, the cookie cannot be accessed by a client-side script (e.g., written in JavaScript). Although non-standard, this attribute is supported by most Web browsers [4] |
Max-Age | Maximum period after which the cookie must be discarded |
Path | Subset of URLs on qualifying hosts for which the cookie is valid |
Port | List of TCP ports on qualifying hosts for which the cookie is valid |
Secure | If present, the cookie may be transported only over a secure (e.g., SSL-protected) channel |