View Issue Details

IDProjectCategoryView StatusLast Update
0004734SymmetricDS ProImprovementpublic2021-01-11 13:48
Reporterelong Assigned Toelong  
Status closedResolutionfixed 
Product Version3.12.0 
Target Version3.12.6Fixed in Version3.12.6 
Summary0004734: Set cookies as http only and secure
DescriptionSet cookies to HTTP only, so they cannot be used by JavaScript during a cross-site scripting (XSS) attack. If the server is started with only the HTTPS protocol, then set cookies to secure, so they can only be sent over HTTPS, which ensures confidentiality.
TagsNo tags attached.


There are no notes attached to this issue.

Related Changesets

SymmetricDS: 3.12 338070bd

2020-12-29 20:42:25


Details Diff
0004734: Set cookies as http only and secure Affected Issues
mod - symmetric-server/src/main/java/org/jumpmind/symmetric/ Diff File

Issue History

Date Modified Username Field Change
2020-12-29 19:45 elong New Issue
2020-12-29 19:45 elong Status new => assigned
2020-12-29 19:45 elong Assigned To => elong
2020-12-29 20:42 elong Status assigned => resolved
2020-12-29 20:42 elong Resolution open => fixed
2020-12-29 20:42 elong Fixed in Version => 3.12.6
2020-12-29 21:00 admin Changeset attached => SymmetricDS 3.12 338070bd
2021-01-11 13:48 admin Status resolved => closed