Project

General

Profile

Actions

Defect #25239

closed

Lack of Http Only Cookie Flag

Added by ajeesh b almost 8 years ago. Updated over 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Invalid
Affected version:

Description

When a user accessing other sites which are vulnerable to Cross-Site Scripting might be affected since that site will have access to the session cookies set in the Parks Australia application. How can I add a proper HttpOnly flag in my redmine installation.

Actions #1

Updated by Toshi MARUYAMA over 7 years ago

  • Status changed from New to Closed
  • Resolution set to Invalid
Actions

Also available in: Atom PDF