header bg

Question:

Which of the following is the most likely attempting to mitigate against if a security administrator sets the HttpOnly flag in cookies?

A XSS
Explaination

XSS is the only response that makes sense out of the options created. This option stops a client-side script from accessing cookies.