In addition, cookies over a site served through HTTPS should have the safe attribute enabled. On the web site which has sensitive info on it, the user and also the session can get exposed every time that web page is accessed with HTTP rather than HTTPS.[fourteen]Deploying HTTPS also lets the use of HTTP/2 and HTTP/three (and their predecessors SPDY