sharethis: The cookie does not contain the “HTTPOnly” attribute


In a recent vulnerability scan of our website, the following issue related to sharethis was found:

The cookie does not contain the "HTTPOnly" attribute.
Cookie Name(s): st_samesite, fpestid

This is how we use sharethis on our website:

JavaScript:
<script type="text/javascript" src="//platform-api.sharethis.com/js/sharethis.js#property=123456789&product=inline-share-buttons" async="async"></script>

HTML:
  <div id="share-buttons" class="share-buttons">
    <div class="share-button-main share-button-redesign" aria-label="Share Menu" title="Share Menu" tabindex="0"></div>
    <a href class="share-button share-facebook st-custom-button" aria-label="Facebook" title="Share on Facebook" data-network="facebook" tabindex="0"></a>
    <a href class="share-button share-x st-custom-button" data-network="twitter" aria-label="X" title="Share on X" tabindex="0"></a>
    <a href class="share-button share-email st-custom-button" aria-label="email" title="Share via email" data-network="email" tabindex="0"></a>
  </div>

Any way to fix this issue?


