You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
mailu/core
bors[bot] 464e46b02b
Merge #1765
1765: Set sensible cookie flags on the admin app r=mergify[bot] a=nextgens

## What type of PR?

Bugfix

## What does this PR do?

It sets the right flags on the session cookie issued by the admin app.
This should probably be backported as the lack of secure flag on TLS-enabled setup is a high risk vulnerability.

SameSite is hardening / helps against CSRF on modern browsers
HTTPOnly is hardening / helps reduce the impact of XSS

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
4 years ago
..
admin Merge #1765 4 years ago
dovecot Use alpine 3.13 to fix CVE-2020-25275 and CVE-2020-24386 4 years ago
nginx Merge #1618 4 years ago
none Switching to alpine:3.12 5 years ago
postfix Ensure that the rendered file ends with newline in order to make `postconf` work correctly 4 years ago
rspamd Switching to alpine:3.12 5 years ago