Dilli Arumugam created KNOX-269:
-----------------------------------
Summary: flag the session cookie as httpOnly
Key: KNOX-269
URL: https://issues.apache.org/jira/browse/KNOX-269
Project: Apache Knox
Issue Type: Bug
Components: Server
Affects Versions: 0.3.0
Reporter: Dilli Arumugam
Assignee: Dilli Arumugam
Fix For: 0.4.0
Knox, at present, leverages JSESSIONID as the session cookie.
This needs to be flagged as httpOnly.
Please see
https://www.owasp.org/index.php/HttpOnly
for some context on httpOnly flag.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
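
A check for the flag this issue asks for, as an added example (not Knox code and not part of the original message): it parses Set-Cookie header lines and returns those that set JSESSIONID without HttpOnly. The header lines and the function names are constructed for illustration.

```python
# Added example: audit Set-Cookie headers for HttpOnly on the session cookie.
# SAMPLE_HEADERS are constructed lines, not captured gateway output.
SAMPLE_HEADERS = [
    "Set-Cookie: JSESSIONID=1a2b3c4d;Path=/gateway/sandbox",
    "Set-Cookie: JSESSIONID=1a2b3c4d;Path=/gateway/sandbox;Secure;HttpOnly",
    "set-cookie: JSESSIONID=9f8e7d6c; path=/; httponly",
    "Set-Cookie: JSESSIONID=5e6f7a8b; Path=/httponly",
    "Set-Cookie: theme=dark; Path=/",
    "Content-Type: text/html",
]


def parse_set_cookie(header_line):
    """Return (name, value, attrs) for a Set-Cookie line, else None."""
    field, sep, rest = header_line.partition(":")
    if not sep or field.strip().lower() != "set-cookie":
        return None
    parts = [p.strip() for p in rest.split(";")]
    name, eq, value = parts[0].partition("=")
    if not eq or not name.strip():
        return None
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            # Attribute names are case-insensitive; cookie names are not.
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def missing_httponly(header_lines, cookie_name="JSESSIONID"):
    """Return the lines that set cookie_name without the HttpOnly attribute."""
    offenders = []
    for line in header_lines:
        parsed = parse_set_cookie(line)
        if parsed is None or parsed[0] != cookie_name:
            continue
        # Look at parsed attributes, not a substring of the whole header,
        # so "Path=/httponly" is not mistaken for the flag.
        if "httponly" not in parsed[2]:
            offenders.append(line)
    return offenders


if __name__ == "__main__":
    for line in missing_httponly(SAMPLE_HEADERS):
        print("JSESSIONID without HttpOnly:", line)
```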