Testing for cookies attributes (OTG-SESS-002)

This is a draft of a section of the new Testing Guide v3

Brief Summary
Cookies are often a key attack vector for malicious users and as such the application should always take due diligence to protect them. In this section we will look at how an application can take the necessary precautions when assigning cookies and how to test that these attributes have been correctly configured.

Description of the Issue
...here: Short Description of the Issue: Topic and Explanation

Black Box testing and example
Testing for Topic X vulnerabilities: ... Result Expected: ...

Gray Box testing and example
Testing for Topic X vulnerabilities: ... Result Expected: ...