Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-1874

Make Crowd token cookies httponly

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Duplicate
    • 2.0.4
    • None
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Makes them unusable by injected JS.

      Note: there may be some complications with this; talk to Matt Quail about Tomcat.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. CWD-1848 crowd.token_key cookie should be HttpOnly

          • Low - Low priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              doflynn David O'Flynn [Atlassian]
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: