Project

General

Profile

Development #11275

poser HttpOnly / Secure sur les cookies de session

Added by Frédéric Péters (de retour le 10/10) over 6 years ago. Updated over 6 years ago.

Status:
Fermé
Priority:
Normal
Assignee:
-
Target version:
Start date:
10 June 2016
Due date:
% Done:

0%

Estimated time:
Patch proposed:
Yes
Planning:

Description

cf _set_cookie dans session.py :

        if config.session_cookie_secure:
            attrs['secure'] = 1
        if config.session_cookie_httponly:
            attrs['httponly'] = 1

Files

Associated revisions

Revision a9b8c3af (diff)
Added by Frédéric Péters (de retour le 10/10) over 6 years ago

misc: add httponly/secure flags on session cookie (#11275)

History

#2

Updated by Benjamin Dauvergne over 6 years ago

Ack.

#3

Updated by Frédéric Péters (de retour le 10/10) over 6 years ago

  • Status changed from En cours to Résolu (à déployer)
commit a9b8c3af0c75aa912dd8e4bf29c3936d31afc805
Author: Frédéric Péters <fpeters@entrouvert.com>
Date:   Sat Jun 11 13:29:35 2016 +0200

    misc: add httponly/secure flags on session cookie (#11275)
#4

Updated by Frédéric Péters (de retour le 10/10) over 6 years ago

  • Target version set to v1.44
#5

Updated by Frédéric Péters (de retour le 10/10) over 6 years ago

  • Status changed from Résolu (à déployer) to Fermé

Also available in: Atom PDF