Tom Beerbower created AMBARI-11129: -------------------------------------- Summary: Set HttpOnly and Secure flags for Ambari session cookies Key: AMBARI-11129 URL: https://issues.apache.org/jira/browse/AMBARI-11129 Project: Ambari Issue Type: Task Reporter: Tom Beerbower Assignee: Tom Beerbower Fix For: 2.1.0
Ambari should set the following flags for session cookies. 1) https://www.owasp.org/index.php/HttpOnly 2) https://www.owasp.org/index.php/SecureFlag #2 only needs to be set when people configure for Ambari HTTPS -- This message was sent by Atlassian JIRA (v6.3.4#6332)