Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-40949

Provide atlassian.xsrf.token with secure flag

    XMLWordPrintable

Details

    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      atlassian.xsrf.token cookie needs the 'Secure' attribute set (when JIRA is configured to use HTTPS), to prevent interception of said cookie's plain text.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-35409 The xsrf cookie token is not a 'secure' cookie for secure('https') requests

          • Medium - Medium priority issues
          • Closed
          relates to

          Suggestion - JRACLOUD-40949 Provide atlassian.xsrf.token with secure flag

          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              ablackmore Ashley Blackmore
              Votes:
              0 Vote for this issue
              Watchers:
              17 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: