Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Fix Version/s: translate5 - 5.0.13, translate5 - 5.0.14, translate5 - 5.1.0
Affects Version/s: None
Component/s: Editor general

Urgency:
Medium
Important release notes:
Important for users which are using an own task administration: test if the integration works, if not the samesite cookie config in application.ini must be removed and this issue reopened!
ChangeLog Description:
Set the authentication cookie according to the latest security recommendations.
Checklist:

Empty

show more show less

Set the Cookie security in dependency of the ssl usage flag.

COOKIE: ZFEXTENDED

The cookie is missing Secure, ~~HttpOnly~~ and SameSite flag, make sure it does not store sensitive information.

The HttpOnly cookie can not be used by us, since we need JS access to the session cookie.

Assignee:: Thomas Lauria
Reporter:: Thomas Lauria
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: 05/Nov/2020 12:13
Updated:: 23/Apr/2024 05:09
Resolved:: 14/Jan/2021 06:05