Closed
Bug 383187
Opened 17 years ago
Closed 2 years ago
should AUS send the aus cookie as HttpOnly?
Categories
(AUS Graveyard :: General, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
4.x (triaged)
People
(Reporter: moco, Assigned: morgamic)
Details
should we AUS send the aus cookie as HttpOnly? see bug #178993 (we have HttpOnly support on trunk, but we're seeking backport to 1.8 branch) see also bug #383181
Comment 1•17 years ago
|
||
Why? What are you trying to protect against? It's not like our users are logging in to AUS. Now Bugzilla and AMO cookies are another matter entirely. HTTPOnly would have some real value there.
Comment 2•2 years ago
|
||
This bug lies at rest in the graveyard.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•