[AMBARI-13272] Backport from 2.1.0 - Set HttpOnly and Secure flags for Ambari session cookies - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.2
Fix Version/s: 2.0.3
Component/s: None
Labels:
None

Description

Ambari should set the following flags for session cookies.

1) https://www.owasp.org/index.php/HttpOnly

2) https://www.owasp.org/index.php/SecureFlag

#2 only needs to be set when people configure for Ambari HTTPS

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-13272_branch-2.0.maint_01.patch
30/Sep/15 12:36
14 kB
Robert Levas

Issue Links

is a clone of

AMBARI-11129 Set HttpOnly and Secure flags for Ambari session cookies

Resolved

links to

Activity

People

Assignee:: Robert Levas

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 30/Sep/15 01:20

Updated:: 01/Oct/15 14:58

Resolved:: 01/Oct/15 14:58