Author: markt Date: Wed May 5 22:42:35 2010 New Revision: 941522 URL: http://svn.apache.org/viewvc?rev=941522&view=rev Log: Withdraw vote. Propose alternative
Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=941522&r1=941521&r2=941522&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Wed May 5 22:42:35 2010 @@ -257,11 +257,15 @@ PATCHES PROPOSED TO BACKPORT: * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49158 http://svn.apache.org/viewvc?view=revision&revision=935998 - +1: fhanik, markt + +1: fhanik -1: kkolinko: 1) because Response#addSessionCookieInternal(..) skips cookies.add(cookie); call 2) you need to take care of the useHttpOnly flag -1: + Alternative patch that addresses Konstatin's review comments + http://people.apache.org/~markt/patches/2010-05-05-bug49158.patch + +1: markt + -1: * Configure Tomcat to use HttpOnly for session cookies by default http://people.apache.org/~kkolinko/patches/2010-04-21_tc6_context_httpOnly.patch --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org