diff --git a/spring-web/src/main/java/org/springframework/http/ResponseCookie.java b/spring-web/src/main/java/org/springframework/http/ResponseCookie.java
index cbe65d1b8938..485550614fc2 100644
--- a/spring-web/src/main/java/org/springframework/http/ResponseCookie.java
+++ b/spring-web/src/main/java/org/springframework/http/ResponseCookie.java
@@ -110,7 +110,7 @@ public boolean isSecure() {
/**
* Return {@code true} if the cookie has the "HttpOnly" attribute.
- * @see https://www.owasp.org/index.php/HTTPOnly
+ * @see https://owasp.org/www-community/HttpOnly
*/
public boolean isHttpOnly() {
return this.httpOnly;
@@ -268,7 +268,7 @@ public interface ResponseCookieBuilder {
/**
* Add the "HttpOnly" attribute to the cookie.
- * @see https://www.owasp.org/index.php/HTTPOnly
+ * @see https://owasp.org/www-community/HttpOnly
*/
ResponseCookieBuilder httpOnly(boolean httpOnly);