Project

General

Profile

Actions
Copy link

Feature #20935

closed

Set autologin cookie as secure by default when using https

Added by Jean-Philippe Lang almost 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jean-Philippe Lang
Category:
Security
Target version:
3.2.0
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed

Description

The secure flag for the autologin cookie can be configured in configuration.yml. Instead of setting it to false by default, it should be set to true when using SSL.

Related issues

Related to Redmine - Feature #21697: Set secure flag of the session cookie depending on original requestReopened

Actions
Actions
Copy link
 #1

Updated by Jean-Philippe Lang almost 10 years ago

  • Subject changed from Set session cookie as secure by default when using https to Set autologin cookie as secure by default when using https
  • Description updated (diff)
  • Status changed from New to Closed
  • Resolution set to Fixed
Actions
Copy link
 #3

Updated by Go MAEDA over 9 years ago

  • Has duplicate Feature #21697: Set secure flag of the session cookie depending on original request added
Actions
Copy link
 #4

Updated by Go MAEDA over 9 years ago

  • Has duplicate deleted (Feature #21697: Set secure flag of the session cookie depending on original request)
Actions
Copy link
 #5

Updated by Go MAEDA over 9 years ago

  • Related to Feature #21697: Set secure flag of the session cookie depending on original request added
Actions
Copy link

Also available in: Atom PDF