Uploaded image for project: 'Hue'
  1. Hue
  2. HUE-4873

[security] Deliver csrftoken cookie with "HTTP_ONLY" bit set when HTTPS

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.11.0
    • Fix Version/s: 3.12.0
    • Component/s: core.api
    • Labels:
      None

      Description

      1. Get the csrfcookie in the templates
      2. Setup the flag

        Attachments

          Activity

            People

            • Assignee:
              ranade Prakash
              Reporter:
              romain Romain Rigaux
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: