Which of the following flags should the tester recommend to prevent a JavaScript payload from accessing the cookie?
A tester identifies an XSS attack vector during a penetration test. Which of the following flags should the tester recommend to prevent a JavaScript payload from accessing the cookie? A. Secure B. Domain C. Max-Age D. HttpOnly