[ https://issues.apache.org/jira/browse/MYFACES-3177?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13051203#comment-13051203 ]
Jakob Korherr commented on MYFACES-3177: ---------------------------------------- nice catch - thanks for the report! I am gonna take care of this one. > Add secure flag for cookies if the page is accessed over a secure protocol > -------------------------------------------------------------------------- > > Key: MYFACES-3177 > URL: https://issues.apache.org/jira/browse/MYFACES-3177 > Project: MyFaces Core > Issue Type: Improvement > Affects Versions: 2.0.7 > Reporter: Carsten Dimmek > Priority: Minor > > We did some security tests for our application and one of the results was > that for example the oam.Flash.RENDERMAP.TOKEN should be marked as secure if > the page is accessed via https. > http://download.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setSecure(boolean) -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira