#3890 - Only send cookies over HTTPS, if HTTPS base URL
-
By Chris Graham
- Added
- 3 views
| Identifier | #3890 |
|---|---|
| Issue type | Feature request or suggestion |
| Title | Only send cookies over HTTPS, if HTTPS base URL |
| Status | Completed |
| Tags |
Roadmap: v11 (custom) Type: Security (custom) |
| Handling member | Chris Graham |
| Addon | core |
| Description | You can, in reasonably modern browsers, specify that cookies only run on HTTPS, not HTTP ('httponly').
If Composr has an HTTPS base URL we should automatically set this. |
| Steps to reproduce | |
| Funded? | No |
The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".
Comments
There have been no comments yet