You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Jakob Korherr (JIRA)" <de...@myfaces.apache.org> on 2011/06/17 19:16:47 UTC
[jira] [Commented] (MYFACES-3177) Add secure flag for cookies if
the page is accessed over a secure protocol
[ https://issues.apache.org/jira/browse/MYFACES-3177?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13051203#comment-13051203 ]
Jakob Korherr commented on MYFACES-3177:
----------------------------------------
nice catch - thanks for the report! I am gonna take care of this one.
> Add secure flag for cookies if the page is accessed over a secure protocol
> --------------------------------------------------------------------------
>
> Key: MYFACES-3177
> URL: https://issues.apache.org/jira/browse/MYFACES-3177
> Project: MyFaces Core
> Issue Type: Improvement
> Affects Versions: 2.0.7
> Reporter: Carsten Dimmek
> Priority: Minor
>
> We did some security tests for our application and one of the results was that for example the oam.Flash.RENDERMAP.TOKEN should be marked as secure if the page is accessed via https.
> http://download.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean)
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira