The httpCookies element supports the use of HttpOnly cookies. HttpOnly cookies (cookies with the HttpOnly attribute) were introduced in Internet Explorer 6 to help mitigate the risk of cross-site scripting. The HttpOnly attribute prevents cookies from being accessed through client-side script. Any information contained in an HttpOnly cookie is less likely to be disclosed to a hacker or a malicious Web site. For more information, search MSDN (msdn.microsoft.com) for "HttpOnly."