5Kas
Is there a way to modify the value of a session token with HttpOnly flag set in this scenario?
SCENARIO:
When a user browses to the login page the web application sets SESSIONID=X; Httponly; before the authentication.
After the authentication NO new cookies are set. The only cookie used to identify the session is SESSIONID=X.
This s…