View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003944 | Composr | core | public | 2019-11-07 00:59 | 2019-11-11 21:37 |
| Reporter | Chris Graham | Assigned To | Chris Graham | ||
| Severity | Feature-request | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0003944: Prevent CSRF via new 'samesite=lax' cookie option | ||||
| Description | There's a new 'samesite' cookie attribute, which can be used to reduce the potential for CSRF attacks. Make use of it for the session cookie. | ||||
| Tags | Roadmap: v11, Type: Security | ||||
| Time estimation (hours) | 0.25 | ||||
| Sponsorship open | |||||
| related to | 0003890 | resolved | Chris Graham | Only send cookies over HTTPS, if HTTPS base URL |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2019-11-07 00:59 | Chris Graham | New Issue | |
| 2019-11-07 00:59 | Chris Graham | Tag Attached: Type: Security | |
| 2019-11-07 00:59 | Chris Graham | Tag Attached: Roadmap: v11 | |
| 2019-11-07 00:59 | Chris Graham | Time estimation (hours) | => 0.25 |
| 2019-11-07 00:59 | Chris Graham | Relationship added | related to 0003890 |
| 2019-11-11 21:37 | Chris Graham | Assigned To | => Chris Graham |
| 2019-11-11 21:37 | Chris Graham | Status | non-assigned => resolved |
| 2019-11-11 21:37 | Chris Graham | Resolution | open => fixed |
