[MYFACES-4418] Same Site and HSTS support - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Critical
Resolution: Duplicate
Affects Version/s: 2.3.9
Fix Version/s: None
Component/s: General
Labels:
None
Environment:
Redhat Linux

Description

Security auditors have pointed out that the session cookie oam.Flash.RENDERMAP.TOKEN and other myfaces cookies are not handling Same Site and HTTP Strict Transport Security.

I do not know how to reply to this although I have looked around for information I cannot find any.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Andrew Charles Cilia

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 07/Oct/21 06:56

Updated:: 07/Oct/21 09:15

Resolved:: 07/Oct/21 09:15