[Koha-devel] Making CGISESSID cookie more secure
dcook at prosentient.com.au
dcook at prosentient.com.au
Tue May 5 05:41:35 CEST 2020
Hi all,
I know it's a tough one to test, but could someone check out
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25360? When using
HTTPS, it sets the secure flag on the CGISESSID, so that the cookie can't be
sent over an unencrypted HTTP request.
It won't break HTTP, but it will make use of HTTPS more secure.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Online: 02 8005 0595
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20200505/40cc74f3/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20200505/40cc74f3/attachment.sig>
More information about the Koha-devel
mailing list