You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/09/30 03:22:04 UTC
[jira] [Updated] (AMBARI-13272) CLONE - Set HttpOnly and Secure
flags for Ambari session cookies
[ https://issues.apache.org/jira/browse/AMBARI-13272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-13272:
----------------------------------
Fix Version/s: (was: 2.1.0)
2.0.3
> CLONE - Set HttpOnly and Secure flags for Ambari session cookies
> ----------------------------------------------------------------
>
> Key: AMBARI-13272
> URL: https://issues.apache.org/jira/browse/AMBARI-13272
> Project: Ambari
> Issue Type: Task
> Affects Versions: 2.0.2
> Reporter: Robert Levas
> Assignee: Robert Levas
> Fix For: 2.0.3
>
>
> Ambari should set the following flags for session cookies.
> 1) https://www.owasp.org/index.php/HttpOnly
> 2) https://www.owasp.org/index.php/SecureFlag
> #2 only needs to be set when people configure for Ambari HTTPS
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)