Uploaded image for project: 'Hippo CMS'
  1. Hippo CMS
  2. CMS-13005

By default secure the cookies in CMS & Site

    XMLWordPrintable

Details

    • Improvement
    • Status: Open
    • Normal
    • Resolution: Unresolved
    • None
    • None
    • archetype

    Description

      The JSESSIONID and SERVERID for both Site & CMS (refer screenshot) are not secure. As part of this request make them secure by default [1] for a project that is bootstrapped with archetype.

      [1] - https://www.owasp.org/index.php/SecureFlag

      Attachments

        1. cms-screenshot-1.png
          244 kB
          Junaidh Kadhar Sheriff
        2. site-screenshot-1.png
          334 kB
          Junaidh Kadhar Sheriff

        Activity

          People

            Unassigned Unassigned
            jsheriff Junaidh Kadhar Sheriff
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated: