Author: markt
Date: Wed May 5 22:42:35 2010
New Revision: 941522
URL: http://svn.apache.org/viewvc?rev=941522&view=rev
Log:
Withdraw vote. Propose alternative
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=941522&r1=941521&r2=941522&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May 5 22:42:35 2010
@@ -257,11 +257,15 @@ PATCHES PROPOSED TO BACKPORT:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49158
http://svn.apache.org/viewvc?view=revision&revision=935998
- +1: fhanik, markt
+ +1: fhanik
-1: kkolinko: 1) because Response#addSessionCookieInternal(..) skips
cookies.add(cookie); call
2) you need to take care of the useHttpOnly flag
-1:
+ Alternative patch that addresses Konstatin's review comments
+ http://people.apache.org/~markt/patches/2010-05-05-bug49158.patch
+ +1: markt
+ -1:
* Configure Tomcat to use HttpOnly for session cookies by default
http://people.apache.org/~kkolinko/patches/2010-04-21_tc6_context_httpOnly.patch
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
