You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by "Jakob Korherr (JIRA)" <de...@myfaces.apache.org> on 2011/06/17 21:01:47 UTC

[jira] [Resolved] (MYFACES-3177) Add secure flag for cookies if the page is accessed over a secure protocol

     [ https://issues.apache.org/jira/browse/MYFACES-3177?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jakob Korherr resolved MYFACES-3177.
------------------------------------

       Resolution: Fixed
    Fix Version/s: 2.1.2-SNAPSHOT
                   2.0.8-SNAPSHOT

> Add secure flag for cookies if the page is accessed over a secure protocol
> --------------------------------------------------------------------------
>
>                 Key: MYFACES-3177
>                 URL: https://issues.apache.org/jira/browse/MYFACES-3177
>             Project: MyFaces Core
>          Issue Type: Improvement
>    Affects Versions: 2.0.7, 2.1.1
>            Reporter: Carsten Dimmek
>            Assignee: Jakob Korherr
>            Priority: Minor
>             Fix For: 2.0.8-SNAPSHOT, 2.1.2-SNAPSHOT
>
>
> We did some security tests for our application and one of the results was that for example the oam.Flash.RENDERMAP.TOKEN should be marked as secure if the page is accessed via https.
> http://download.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean)

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira