David Gadbois created MYFACES-3639: -------------------------------------- Summary: The flash scope cookie is not HttpOnly Key: MYFACES-3639 URL: https://issues.apache.org/jira/browse/MYFACES-3639 Project: MyFaces Core Issue Type: Improvement Components: General Affects Versions: 2.1.9 Reporter: David Gadbois Priority: Minor
The oam.Flash.RENDERMAP.TOKEN cookie does not have the HttpOnly flag set. Many security policies require that cookies have HttpOnly set if possible. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira