[CWD-1874] Make Crowd token cookies httponly - Create and track feature requests for Atlassian products.

XML

Word

Printable

Details

Type: Suggestion
Status: Closed (View Workflow)
Resolution: Duplicate
Fix Version/s: 2.0.4
Component/s: None
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Description

Makes them unusable by injected JS.

Note: there may be some complications with this; talk to Matt Quail about Tomcat.

Attachments

Issue Links

duplicates

CWD-1848 crowd.token_key cookie should be HttpOnly

Closed

Activity

People

Assignee:: Unassigned

Reporter:: David O'Flynn [Atlassian]

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 21/Apr/2010 3:22 AM

Updated:: 19/Sep/2019 5:51 AM

Resolved:: 19/Oct/2010 10:19 PM