[Koha-bugs] [Bug 25360] New: Use secure flag for CGISESSID cookie
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon May 4 01:49:46 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25360
Bug ID: 25360
Summary: Use secure flag for CGISESSID cookie
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: koha-bugs at lists.koha-community.org
Reporter: dcook at prosentient.com.au
QA Contact: testopia at bugs.koha-community.org
We should consider setting the "secure" flag for the CGISESSID cookie
(https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#Secure_and_HttpOnly_cookies),
so that it can only be sent to the server from the browser over HTTPS.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list