Defect #25239

Lack of Http Only Cookie Flag

Added by ajeesh b almost 6 years ago. Updated over 5 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-
Resolution:Invalid Affected version:

Description

When a user accessing other sites which are vulnerable to Cross-Site Scripting might be affected since that site will have access to the session cookies set in the Parks Australia application. How can I add a proper HttpOnly flag in my redmine installation.

History

#1 Updated by Toshi MARUYAMA over 5 years ago

  • Status changed from New to Closed
  • Resolution set to Invalid

Also available in: Atom PDF