|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Confused by this. So it shouldn't be HttpOnly? Why would this change between Jenkins 1.585 and 1.586. Also according to the property in WebSphere it makes it sound like you want it HttpOnly to prevent cross-site scripting attacks.
WebSphere checkbox label:
Set session cookies to HTTPOnly to help prevent cross-site scripting attacks