Issue #142: the pagure cookie should be set with the secure attribute - pagure

pagure

#142 the pagure cookie should be set with the secure attribute

Closed: Fixed None Opened 8 years ago by till.

The pagure cookie should be set with the secure attribute to make sure it is not sent via unencrypted connections by browsers not supporting HSTS:
https://www.owasp.org/index.php/SecureFlag

pingou commented 8 years ago

This should be set now, the code had the logic, only the configuration change was needed.

Metadata

Assignee

pingou

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

pagure

Source Code

Documentation

#142 the pagure cookie should be set with the secure attribute Closed: Fixed None Opened 8 years ago by till.

Metadata

#142 the pagure cookie should be set with the secure attribute

Closed: Fixed None Opened 8 years ago by till.