| Anonymous | Login | 2024-04-18 06:14 MDT |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0021721 | ClearOS | webconfig-httpd | public | 2018-10-03 09:08 | 2021-11-09 07:48 | ||||
| Reporter | dloper | ||||||||
| Assigned To | |||||||||
| Priority | normal | Severity | minor | Reproducibility | have not tried | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | 7.5.0 | ||||||||
| Target Version | 7.6.0 | Fixed in Version | 7.6.0 | ||||||
| Summary | 0021721: SSL Cookie should be flagged as SSL only | ||||||||
| Description | Rapid7 advises that secure attribute should be set on cookie to prevent non-SSL reading of the cookie: The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel such as HTTPS. This will help protect the cookie from being passed over unencrypted requests. If the application can be accessed over both HTTP and HTTPS, then there is the potential that the cookie can be sent in clear text. Affected Nodes: Additional Information: n.n.n.n:81 Cookie is not marked as secure: 'clearos_session=485200d8799fabcdd26c1dd474e4f811; path=/; httponly; domain=n.n.n.n' URL: https://n.n.n.n:81/app/base/ [^] n.n.n.n:81 Cookie is not marked as secure: 'clearos_lang=en_US; path=/; domain=n.n.n.n' URL: https://n.n.n.n:81/app/base/ [^] n.n.n.n:81 Cookie is not marked as secure: 'ci_csrf_token=485200d8799fabcdd26c1dd474e4f811; path=/; domain=n.n.n.n' URL: https://n.n.n.n:81/app/base/ [^] | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
| There are no notes attached to this issue. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2018-10-03 09:08 | dloper | New Issue | |
| 2018-10-30 14:08 | user2 | Status | new => acknowledged |
| 2018-10-30 14:27 | user2 | Target Version | 7.5.0 Updates => 7.6.0 |
| 2018-11-07 19:47 | user2 | Status | acknowledged => resolved |
| 2018-11-07 19:47 | user2 | Fixed in Version | => 7.6.0 |
| 2018-11-07 19:47 | user2 | Resolution | open => fixed |
| 2018-11-07 19:47 | user2 | Assigned To | => user2 |
| 2021-11-09 07:48 | NickH | Status | resolved => closed |
| 2021-11-09 07:48 | NickH | Assigned To | user2 => |
|
Issue History |