Roundup Tracker - Issues

Message4245

Author joseph_myers
Recipients joseph_myers
Date 2011-02-22.20:07:34
Message-id <1298405254.44.0.534643378553.issue2550689@psf.upfronthosting.co.za>
In-reply-to
When the configured URL for a Roundup tracker is an https: URL,
Roundup's cookies should be marked Secure so they do not get sent back
over non-https connections.

Roundup's cookies should also be marked HttpOnly so that any
cross-site-scripting vulnerabilities do not result in cookies being
compromised.
History
Date User Action Args
2011-02-22 20:07:34joseph_myerssetrecipients: + joseph_myers
2011-02-22 20:07:34joseph_myerssetmessageid: <1298405254.44.0.534643378553.issue2550689@psf.upfronthosting.co.za>
2011-02-22 20:07:34joseph_myerslinkissue2550689 messages
2011-02-22 20:07:34joseph_myerscreate