You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2010/12/02 02:51:56 UTC

svn commit: r1041251 - in /tomcat/tc6.0.x/trunk: STATUS.txt webapps/docs/changelog.xml webapps/host-manager/META-INF/context.xml webapps/host-manager/manager.xml webapps/manager/META-INF/context.xml

Author: kkolinko
Date: Thu Dec  2 01:51:55 2010
New Revision: 1041251

URL: http://svn.apache.org/viewvc?rev=1041251&view=rev
Log:
Configure manager and host-manager webapps to use HttpOnly for session cookies

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
    tomcat/tc6.0.x/trunk/webapps/host-manager/META-INF/context.xml
    tomcat/tc6.0.x/trunk/webapps/host-manager/manager.xml
    tomcat/tc6.0.x/trunk/webapps/manager/META-INF/context.xml

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1041251&r1=1041250&r2=1041251&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Thu Dec  2 01:51:55 2010
@@ -198,11 +198,6 @@ PATCHES PROPOSED TO BACKPORT:
   +1: markt
   -1:
 
-* Configure manager and host-manager webapps to use HttpOnly for session cookies
-  http://people.apache.org/~kkolinko/patches/2010-11-22_tc6_httpOnly.patch
-  +1: kkolinko, markt, kfujino
-  -1:
-
 * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50316
   Fix minor glitch with display of negative values in Manager webapp
   http://svn.apache.org/viewvc?rev=1037887&view=rev

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1041251&r1=1041250&r2=1041251&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Thu Dec  2 01:51:55 2010
@@ -349,6 +349,10 @@
         <bug>50294</bug>: Add more information to documentation regarding format
         of configuration files. Patch provided by Luke Meyer. (markt) 
       </add>
+      <update>
+        Configure the Manager and Host-Manager web applications to use HttpOnly
+        flag for their session cookies. (kkolinko)
+      </update>
     </changelog>
   </subsection>
   <subsection name="Other">

Modified: tomcat/tc6.0.x/trunk/webapps/host-manager/META-INF/context.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/host-manager/META-INF/context.xml?rev=1041251&r1=1041250&r2=1041251&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/host-manager/META-INF/context.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/host-manager/META-INF/context.xml Thu Dec  2 01:51:55 2010
@@ -15,4 +15,4 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 -->
-<Context antiResourceLocking="false" privileged="true" />
+<Context antiResourceLocking="false" privileged="true" useHttpOnly="true" />

Modified: tomcat/tc6.0.x/trunk/webapps/host-manager/manager.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/host-manager/manager.xml?rev=1041251&r1=1041250&r2=1041251&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/host-manager/manager.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/host-manager/manager.xml Thu Dec  2 01:51:55 2010
@@ -25,6 +25,6 @@
 
 
 <Context docBase="${catalina.home}/webapps/manager"
-         privileged="true" antiResourceLocking="false" antiJARLocking="false">
+         privileged="true" antiResourceLocking="false" antiJARLocking="false" useHttpOnly="true">
 
 </Context>

Modified: tomcat/tc6.0.x/trunk/webapps/manager/META-INF/context.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/manager/META-INF/context.xml?rev=1041251&r1=1041250&r2=1041251&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/manager/META-INF/context.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/manager/META-INF/context.xml Thu Dec  2 01:51:55 2010
@@ -15,4 +15,4 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 -->
-<Context antiResourceLocking="false" privileged="true" />
+<Context antiResourceLocking="false" privileged="true" useHttpOnly="true" />



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org