View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003890 | Composr | core | public | 2019-10-01 19:50 | 2019-11-11 21:33 |
| Reporter | Chris Graham | Assigned To | Chris Graham | ||
| Severity | Feature-request | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0003890: Only send cookies over HTTPS, if HTTPS base URL | ||||
| Description | You can, in reasonably modern browsers, specify that cookies only run on HTTPS, not HTTP ('httponly'). If Composr has an HTTPS base URL we should automatically set this. | ||||
| Tags | Roadmap: v11, Type: Security | ||||
| Time estimation (hours) | 0.75 | ||||
| Sponsorship open | |||||
| related to | 0003944 | resolved | Chris Graham | Prevent CSRF via new 'samesite=lax' cookie option |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2019-10-01 19:50 | Chris Graham | New Issue | |
| 2019-10-01 19:50 | Chris Graham | Tag Attached: Roadmap: v11 | |
| 2019-10-01 19:50 | Chris Graham | Tag Attached: Type: Security | |
| 2019-11-07 00:57 | Chris Graham | Description Updated | View Revisions |
| 2019-11-07 00:59 | Chris Graham | Relationship added | related to 0003944 |
| 2019-11-11 21:33 | Chris Graham | Assigned To | => Chris Graham |
| 2019-11-11 21:33 | Chris Graham | Status | non-assigned => resolved |
| 2019-11-11 21:33 | Chris Graham | Resolution | open => fixed |
