ClearFoundation Tracker - ClearOS
View Issue Details
0001822ClearOSapp-zarafa-community - Zarafapublic2014-06-25 16:392014-06-26 09:52
0001822: Zarafa: force https use for all data & related security enhancements
1- Zarafa webapp and webaccess should not be accessible in http, but only in https
visiting [^] or [^] should redirect to https

RequireSSL & php_flag session.cookie_secure and some other great tips here: [^]

2- It should be possible to deactivate any calls to different domains.

On, [^] Firefox reports "Firefox has blocked content that isn't secure" as per [^]

Ex.: When clicking on "Feedback?", a script from [^] is loaded. [^] [^]
a) There should be an option in [^] to turn it off
b) It should be in https instead of http

Related: [^]
No tags attached.
Issue History
2014-06-25 16:39marclaporteNew Issue
2014-06-26 09:52user2Statusnew => confirmed

There are no notes attached to this issue.