Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-9394

Option to disable "secure" cookie when using HTTPS just for login page

XMLWordPrintable

    • 8
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Confluence's "remember me" tickbox doesn't work if the login page is secure, but the rest of the application is unsecured.

      Seraph's CookieUtils.setCookie() method create a secure cookie (ref) if the request had a secure URL, and this cookie isn't sent by the client to a non-secure address.

      The solution to this ticket is to upgrade Confluence to use Seraph to 0.10 or later.

              Unassigned Unassigned
              stephenmorad Stephen Morad
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: