Uploaded image for project: 'MyFaces Core'
  1. MyFaces Core
  2. MYFACES-3639

The flash scope cookie is not HttpOnly

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 2.1.9
    • 2.2.4
    • General
    • None

    Description

      The oam.Flash.RENDERMAP.TOKEN cookie does not have the HttpOnly flag set. Many security policies require that cookies have HttpOnly set if possible.

      Attachments

        1. MyFaces-3639Pathv2.0.patch
          0.6 kB
          Paul Nicolucci
        2. MyFaces-3639Pathv2.1.patch
          0.6 kB
          Paul Nicolucci

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. MYFACES-3005 Only send Flash cookie if needed

          • Major - Major loss of function.
          • Closed

          Activity

            People

              lu4242 Leonardo Uribe
              gadbois David Gadbois
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: