Defect #25239: Lack of Http Only Cookie Flag - Redmine

Actions

Copy link

Defect #25239

closed

Lack of Http Only Cookie Flag

Added by ajeesh b over 7 years ago. Updated over 7 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

Target version:

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Invalid

Affected version:

Description

When a user accessing other sites which are vulnerable to Cross-Site Scripting might be affected since that site will have access to the session cookies set in the Parks Australia application. How can I add a proper HttpOnly flag in my redmine installation.

History
Notes
Property changes

Actions

Copy link

Updated by Toshi MARUYAMA over 7 years ago

Status changed from New to Closed
Resolution set to Invalid

http://stackoverflow.com/questions/29143594/set-session-cookie-as-secure-in-rails

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Defect #25239

Lack of Http Only Cookie Flag

Updated by Toshi MARUYAMA over 7 years ago