Lack of Http Only Cookie Flag
When a user accessing other sites which are vulnerable to Cross-Site Scripting might be affected since that site will have access to the session cookies set in the Parks Australia application. How can I add a proper HttpOnly flag in my redmine installation.
#1 Updated by Toshi MARUYAMA over 5 years ago
- Status changed from New to Closed
- Resolution set to Invalid