diff --git a/server/src/controller/user/login.controller.ts b/server/src/controller/user/login.controller.ts
index 2a788f9..e500fd0 100644
--- a/server/src/controller/user/login.controller.ts
+++ b/server/src/controller/user/login.controller.ts
@@ -32,6 +32,7 @@ export const loginUser = async (req, res) => {
     })
 
     res.cookie('token', token, {
+      httpOnly: true,
       secure: true,
       sameSite: 'none',
       maxAge: 24 * 60 * 60 * 1000,
diff --git a/server/src/controller/user/register.controller.ts b/server/src/controller/user/register.controller.ts
index 1649a2b..61215ab 100644
--- a/server/src/controller/user/register.controller.ts
+++ b/server/src/controller/user/register.controller.ts
@@ -35,6 +35,7 @@ export const registerUser = async (req, res) => {
     })
 
     res.cookie('token', token, {
+      httpOnly: true,
       secure: true,
       sameSite: 'none',
       maxAge: 24 * 60 * 60 * 1000,