Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Can not login on HTTP only instances or instances with an empty sys_https_host setting

Download Browse

The cookie prefix protection should not be set if it is not certain that the Tuleap instance can be accessed over HTTPS. This is part of request #10979: Implement Same-Site cookie and cookie prefixes protections Change-Id: Ia74ca79c4d8744925a5030a7933c0812e1725637

+21 −5
Thomas Gerbet (tgerbet) 2018-01-24 09:12
Thomas Gerbet (tgerbet) 2018-01-24 09:12
e9f1ee602f3317d3f3a2510e1247a7c519255404
1a75078083230e6656b9238fcd9b98d39ddf50a5
git #tuleap/stable/e9f1ee602f3317d3f3a2510e1247a7c519255404

Modified Files

Side by side diff
Inline diff
Name
M src/common/include/CookieManager.class.php +7 −4 Go to diff View file
M tests/simpletest/common/include/CookieManagerTest.php +14 −1 Go to diff View file