You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/09/30 03:21:04 UTC
[jira] [Created] (AMBARI-13272) CLONE - Set HttpOnly and Secure
flags for Ambari session cookies
Robert Levas created AMBARI-13272:
-------------------------------------
Summary: CLONE - Set HttpOnly and Secure flags for Ambari session cookies
Key: AMBARI-13272
URL: https://issues.apache.org/jira/browse/AMBARI-13272
Project: Ambari
Issue Type: Task
Reporter: Robert Levas
Assignee: Tom Beerbower
Fix For: 2.1.0
Ambari should set the following flags for session cookies.
1) https://www.owasp.org/index.php/HttpOnly
2) https://www.owasp.org/index.php/SecureFlag
#2 only needs to be set when people configure for Ambari HTTPS
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)