Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-72

Cookie secure flag should be set if SSL is in effect.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 0.10
    • 0.7.20
    • None
    • true

      The app server sets the secure flag on the session cookie if SSL is in effect.

      Seraph should behave similarly when generating the seraph.os.cookie.

      The secure flag indicates to the browser to only transmit the cookie when SSL is in effect:

      http://www.w3.org/Security/Faq/wwwsf2.html

            dbrown@atlassian.com Don Brown (Inactive)
            keith@atlassian.com Keith Brophy
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              16 years, 48 weeks ago