From what I understand, HttpOnly cookies cannot be read by client js but they are passed by the browser with any subsequent requests. If an attacker is able to
jolokia
product-variations
ones-complement
executable-path
weasyprint
dafny
google-cloud-talent-solution
sharpkml
discovery
chromium-os
french
spring-autoconfiguration
record
gulp-notify
utf-7
pysmt
service-fabric-stateless
boxstarter
jung
rewardedvideoad
el
particle-system
amazon-ebs
row
cloudera
dojo.xhrget
screen-off
arpeggio
datetime-local
swagger-jsdocs
