[GitHub] zeppelin issue #2545: ZEPPELIN-2873 - Add documentation on secure cookie in ...
Github user Leemoonsoo commented on the issue: https://github.com/apache/zeppelin/pull/2545 LGTM. Merge to master and branch-0.7 if no further discussions. Thanks @VipinRathor for the contribution! --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] zeppelin issue #2545: ZEPPELIN-2873 - Add documentation on secure cookie in ...
Github user VipinRathor commented on the issue: https://github.com/apache/zeppelin/pull/2545 Thanks @krishna-pandey & @Leemoonsoo for reviewing this. I have updated the doc as suggested by @krishna-pandey . @Leemoonsoo I like your suggestion for updating the shiro.ini template. Doing that in a separate PR. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] zeppelin issue #2545: ZEPPELIN-2873 - Add documentation on secure cookie in ...
Github user Leemoonsoo commented on the issue: https://github.com/apache/zeppelin/pull/2545 Looks good to me. @VipinRathor do you think it's good idea configure httpOnly flag in `conf/shiro.ini.template` file by default? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] zeppelin issue #2545: ZEPPELIN-2873 - Add documentation on secure cookie in ...
Github user VipinRathor commented on the issue: https://github.com/apache/zeppelin/pull/2545 @prabhjyotsingh @Leemoonsoo Please help with review. For some context on httpOnly flag, please check https://www.owasp.org/index.php/HttpOnly Thanks. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---