| Anonymous | Login | 2024-04-19 17:30 MDT |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0001822 | ClearOS | app-zarafa-community - Zarafa | public | 2014-06-25 16:39 | 2020-09-03 03:09 | ||||
| Reporter | marclaporte | ||||||||
| Assigned To | |||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||
| Status | closed | Resolution | won't fix | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | |||||||||
| Target Version | Fixed in Version | ||||||||
| Summary | 0001822: Zarafa: force https use for all data & related security enhancements | ||||||||
| Description | 1- Zarafa webapp and webaccess should not be accessible in http, but only in https visiting http://example.org/webapp/ [^] or http://example.org/webaccess/ [^] should redirect to https RequireSSL & php_flag session.cookie_secure and some other great tips here: https://community.zarafa.com/pg/blog/read/16779/securing-webapp [^] 2- It should be possible to deactivate any calls to different domains. On https://example.org/webapp/, [^] Firefox reports "Firefox has blocked content that isn't secure" as per https://support.mozilla.org/en-US/kb/how-does-content-isnt-secure-affect-my-safety [^] Ex.: When clicking on "Feedback?", a script from http://jira.zarafa.com/ [^] is loaded. http://www.zarafa.com/content/zarafa-privacy-policy#webapp-feedback [^] https://community.zarafa.com/pg/blog/read/15005/webapp-the-feedback-plugin [^] a) There should be an option in https://example.org:81/app/zarafa_community [^] to turn it off b) It should be in https instead of http Related: http://tracker.clearfoundation.com/view.php?id=995 [^] | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2014-06-25 16:39 | marclaporte | New Issue | |
| 2014-06-26 09:52 | user2 | Status | new => confirmed |
| 2020-09-03 03:09 | NickH | Note Added: 0014531 | |
| 2020-09-03 03:09 | NickH | Status | confirmed => closed |
| 2020-09-03 03:09 | NickH | Resolution | open => won't fix |
|
Issue History |