← All tools
Free security tool
Check cookie flags that protect sessions
Inspect cookie Secure, HttpOnly, and SameSite attributes so sessions are harder to steal or misuse.
Run the full scan
Get this check plus the complete WebSentry security report for the URL.
What it checks
Secure flag
HttpOnly flag
SameSite policy
Session cookie exposure
Third-party cookie posture
Why it matters
Cookies often carry sessions and account state. Missing flags can increase the risk of theft, leakage, or cross-site request abuse.
Common fixes
Set Secure on HTTPS cookies
Use HttpOnly for session cookies
Set SameSite=Lax or Strict where possible
Turn one check into ongoing protection.
Create an account to save scan history, export reports, and monitor sites for security grade drops.