I was told to use property "session.cookie_httponly".
I read up on it.
I can see how it will help session security.
My question: Does doing this eliminate the use
of cookies for other user profile information?
In other word:
Is the session cookie different from other application
cookies? And can a response include more that one
Can you receive both a session cookie and an application
cookie at the same time? or does using session cookies
prevent the use of other cookie?
Thanks for your support.