Moreover, cookies with a web-site served through HTTPS must have the secure attribute enabled. Over a web-site that has sensitive info on it, the user and the session can get exposed each and every time that web site is accessed with HTTP as an alternative to HTTPS.[14]Info is shipped over the relationship in distinct textual content. An eavesdropp