Use secure (HTTPOnly) cookies #10

New Issue

Closed

opened 2017-07-16 21:21:38 +02:00 by albino · 2 comments

albino commented 2017-07-16 21:21:38 +02:00

Owner

Copy Link

sweet sweet xss mitigation

sweet sweet xss mitigation

albino added the

improvement

security

labels 2017-07-16 21:21:38 +02:00

albino commented 2017-07-16 21:45:41 +02:00

Author

Owner

Copy Link

fuck knows how I'm going to do this

fuck knows how I'm going to do this

albino commented 2017-07-17 00:20:05 +02:00

Author

Owner

Copy Link

Turns out this was down to a bug in Dancer. The http_only => 1 bit could be removed once we update to a newer version of Dancer2.

Fixed in c0ba0c5c7b

Turns out this was down to a bug in Dancer. The `http_only => 1` bit could be removed once we update to a newer version of Dancer2. Fixed in https://git.fuwafuwa.moe/.cyb/cyberman/commit/c0ba0c5c7b647b5fd9dc33117deda675bbb400be

albino closed this issue 2017-07-17 00:20:06 +02:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

Labels

Clear labels   

bug

  

cleanup

  

feature

  

improvement

  

meta

  

security

  

UX

  

whois

No Label

bug

cleanup

feature

improvement

meta

security

UX

whois

Milestone

Clear milestone

No items

No Milestone

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: .cyb/cyberman#10

No description provided.