Details
-
Bug
-
Resolution: Fixed
-
Medium
-
6.1.1
-
None
-
6.01
-
2.6
-
Description
To prevent against man in the middle attacks the xsrf cookie token should have the 'secure' attribute set.
Attachments
Issue Links
- is duplicated by
-
JRASERVER-40949 Provide atlassian.xsrf.token with secure flag
- Closed
- is related to
-
JRASERVER-65735 Update the proxy documentation around setting the appropriate attributes when JIRA is behind a web server or proxy and is available by https://
- Gathering Interest
- mentioned in
-
Page Loading...