View Issue Details [ Jump to Notes ] | [ Print ] | ||||||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||||||
0015406 | CDash | (No Category) | public | 2015-02-17 08:57 | 2015-02-17 08:57 | ||||||||
Reporter | Benedikt Hegner | ||||||||||||
Assigned To | |||||||||||||
Priority | normal | Severity | minor | Reproducibility | have not tried | ||||||||
Status | new | Resolution | open | ||||||||||
Platform | Apple Mac | OS | OS X | OS Version | 10.4.10 | ||||||||
Product Version | 2.2 | ||||||||||||
Target Version | Fixed in Version | ||||||||||||
Summary | 0015406: CDash session cookie not using httpOnly flag | ||||||||||||
Description | the CDash session cookie is not using the httpOnly flag. Enabling it is a security measure against XSS attacks. The attached patch fixes the issue; As far as I understand it shouldn't have any side effects on CDash itself. | ||||||||||||
Tags | No tags attached. | ||||||||||||
Attached Files | cdash_cookies.patch [^] (505 bytes) 2015-02-17 08:57 [Show Content] | ||||||||||||
Relationships | |
Relationships |
Notes | |
There are no notes attached to this issue. |
Notes |
Issue History | |||
Date Modified | Username | Field | Change |
2015-02-17 08:57 | Benedikt Hegner | New Issue | |
2015-02-17 08:57 | Benedikt Hegner | File Added: cdash_cookies.patch |
Issue History |
Copyright © 2000 - 2018 MantisBT Team |