You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
464e46b02b
1765: Set sensible cookie flags on the admin app r=mergify[bot] a=nextgens ## What type of PR? Bugfix ## What does this PR do? It sets the right flags on the session cookie issued by the admin app. This should probably be backported as the lack of secure flag on TLS-enabled setup is a high risk vulnerability. SameSite is hardening / helps against CSRF on modern browsers HTTPOnly is hardening / helps reduce the impact of XSS Co-authored-by: Florent Daigniere <nextgens@freenetproject.org> |
3 years ago | |
|---|---|---|
| .. | ||
| admin | 3 years ago | |
| dovecot | 4 years ago | |
| nginx | 3 years ago | |
| none | 4 years ago | |
| postfix | 4 years ago | |
| rspamd | 4 years ago | |