WebStyle: HttpOnly cookie attribute
e83f600fea90
Actions

Authored by Tibor Simko <tibor.simko@cern.ch> on Apr 28 2015, 13:01.

Description

WebStyle: HttpOnly cookie attribute

SECURITY Adds back the HttpOnly cookie attribute in order to better protect against potential XSS vulnerabilities. (closes #3064)

Signed-off-by: Tibor Simko <tibor.simko@cern.ch>
Reviewed-by: Samuele Kaplun <samuele.kaplun@cern.ch>

Committed

Tibor Simko <tibor.simko@cern.ch>

Apr 28 2015, 15:15

Parents

R3600:0aeae5d8970f: kwalitee: valid component names

Branches

Unknown

Tags

Unknown

Tibor Simko <tibor.simko@cern.ch> committed R3600:e83f600fea90: WebStyle: HttpOnly cookie attribute (authored by Tibor Simko <tibor.simko@cern.ch>).Apr 28 2015, 15:15

				Path
	M			modules/websession/lib/session.py
	M			modules/webstyle/lib/webinterface_handler_wsgi_utils.py