Details
-
Suggestion
-
Resolution: Fixed
-
None
Description
NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.
atlassian.xsrf.token cookie needs the 'Secure' attribute set (when JIRA is configured to use HTTPS), to prevent interception of said cookie's plain text.
Attachments
Issue Links
- duplicates
-
JRASERVER-35409 The xsrf cookie token is not a 'secure' cookie for secure('https') requests
- Closed
- relates to
-
JRACLOUD-40949 Provide atlassian.xsrf.token with secure flag
- Closed
- mentioned in
-
Page Loading...